---
- name: Include OS-specific variables
  include_vars: "{{ item }}"
  with_first_found:
    - files:
        - "{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml"
        - "{{ ansible_os_family }}.yml"
- name: add hashicorp repo
  get_url:
    url: "https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo"
    dest: '/etc/yum.repos.d/hashicorp.repo'
    owner: root
    group: root
    mode: 0644
  when: ansible_os_family == "RedHat"

- name: Add Vault/Hashicorp apt key
  apt_key:
    url: "{{ vault_debian_repository_key_url }}"
    state: present
  become: true
  when: ansible_pkg_mgr == 'apt'

- name: Add Vault/Hashicorp apt repo
  apt_repository:
    repo: "deb {{ vault_debian_repository_url }} {{ ansible_distribution_release }} main"
    state: present
  become: true
  when: ansible_pkg_mgr == 'apt'

- name: install package
  package:
    name: "{{ vault_os_package }}"
    state: present

- name: apply config template
  block:
    - name: server template
      template:
        src: config.hcl.j2
        dest: "{{vault_config_path}}"
        owner: vault
        group: vault
        mode: 0400
  notify: restart vault

- name: ensure service is started
  systemd:
    name: "{{ vault_os_service }}"
    state: started
    enabled: True