---
- name: "Install haproxy via apt"
  apt:
    update_cache: yes
    state: present
    name:
     - haproxy

- name: Copy haproxy configuration
  copy:
    src: haproxy.cfg
    dest: /etc/haproxy/haproxy.cfg
    mode: 0644
    owner: root
    group: root

- name: Enable and stop haproxy
  service:
    name: haproxy
    state: stopped
    enabled: yes

- name: "Install certbot via apt"
  apt:
    update_cache: yes
    state: present
    name:
     - python3-certbot

- name: Generate certificate for all proxied domains
  command:
    cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --standalone -d neko.tormakristof.eu

- name: Enable and start haproxy
  service:
    name: haproxy
    state: started
    enabled: yes

- name: Copy certbot cronjob
  copy:
    src: certbot
    dest: /etc/cron.weekly/certbot
    mode: 0755
    owner: root
    group: root

- name: Reset ufw rules to default
  community.general.ufw:
    state: reset

- name: Enable ufw
  community.general.ufw:
    state: enabled

- name: Copy datadog repo config
  copy:
    src: datadog.list
    dest: /etc/apt/sources.list.d/datadog.list
    mode: 0655
    owner: root
    group: root

- name: "Install datadog-agent"
  apt:
    update_cache: yes
    state: present
    name:
      - datadog-agent

- name: "Generate datadog configuration"
  ansible.builtin.template:
    src: datadog.yaml
    dest: /etc/datadog-agent/datadog.yaml
    owner: dd-agent
    group: dd-agent
    mode: '0640'
...