---

- name: install packages
  package:
    name: dovecot
    state: installed

- name: install privatekey
  copy:
    dest: "{{ tls_private }}/{{ mail_server }}.key"
    src: "{{ item }}"
    mode: 0600
    owner: root
    grouop: "{{ ansible_wheel }}"
  with_first_found:
    - "/srv/letsencrypt/live/{{ mail_server }}/privkey.pem"
    - "/srv/ca/private/{{ inventory_hostname }}.key"
  tags: certificates
  notify: restart dovecot

- name: install certificate
  copy:
    dest: "{{ tls_certs }}/{{ mail_server }}.crt"
    src: "{{ item }}"
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  with_first_found:
    - "/srv/letsencrypt/live/{{ mail_server }}/fullchain.pem"
    - "/srv/ca/certs/{{ inventory_hostname }}.crt"
  tages: certificates
  notify: restart dovecot

- name: create local config
  template:
    dest: /etc/dovecot/conf.d/99local.conf
    src: local.conf.j2
    mode: 0644
    owner: root
    group: "{{ ansible_wheel }}"
  notify: restart dovecot

- name: enable service
  service:
    name: dovecot
    enabled: true
    state: started