---
- name: Create /etc/pki/fedora-messaging
  ansible.builtin.file:
    dest: /etc/pki/fedora-messaging
    mode: "0775"
    owner: root
    group: root
    state: directory
  tags:
  - config
  - logging
  - fedora-messaging

- name: Deploy the fedora-messaging CA
  ansible.builtin.copy:
    src: "{{ private }}/files/rabbitmq/{{ env }}/ca-combined.crt"
    dest: /etc/pki/fedora-messaging/rabbitmq-ca.crt
    mode: "0644"
    owner: root
    group: root
  tags:
  - config
  - logging
  - fedora-messaging

- name: Deploy the fedora-messaging cert
  ansible.builtin.copy:
    src: "{{ private }}/files/rabbitmq/{{ env }}/pki/issued/logging{{ env_suffix }}.crt"
    dest: /etc/pki/fedora-messaging/logging.crt
    mode: "0644"
    owner: root
    group: root
  tags:
  - config
  - logging
  - fedora-messaging

- name: Deploy the fedora-messaging key
  ansible.builtin.copy:
    src: "{{ private }}/files/rabbitmq/{{ env }}/pki/private/logging{{ env_suffix }}.key"
    dest: /etc/pki/fedora-messaging/logging.key
    mode: "0640"
    owner: root
    group: countme
  tags:
  - config
  - logging
  - fedora-messaging

- name: Install fedora-messaging config
  ansible.builtin.template:
    src: fedora-messaging.toml.j2
    dest: /etc/fedora-messaging/config.toml
    owner: countme
    group: countme
    mode: "0660"
  tags:
  - config
  - logging
  - fedora-messaging