[
	{
		"name": "install packages",
		"become": true,
		"ansible.builtin.apt": {
			"update_cache": true,
			"pkg": [
				"lighttpd",
				"lighttpd-mod-openssl"
			]
		}
	},
	{
		"name": "activate openssl module | file",
		"become": true,
		"ansible.builtin.template": {
			"src": "10-ssl-custom.conf.j2",
			"dest": "/etc/lighttpd/conf-available/10-ssl-custom.conf"
		}
	},
	{
		"name": "activate openssl module | link",
		"become": true,
		"ansible.builtin.file": {
			"state": "link",
			"src": "/etc/lighttpd/conf-available/10-ssl-custom.conf",
			"dest": "/etc/lighttpd/conf-enabled/10-ssl-custom.conf"
		}
	},
	{
		"name": "Check wether enabling UFW would be considered a changed",
		"check_mode": true,
		"community.general.ufw": {
			"state": "enabled",
			"register": "ufw_enable_check"
		}
	},
	{
		"name": "Allow port 80 in ufw",
		"community.general.ufw": {
			"rule": "allow",
			"port": "80",
			"proto": "tcp"
		},
		"when": "not ufw_enable_check.changed"
	},
	{
		"name": "Allow port 443 in ufw",
		"community.general.ufw": {
			"rule": "allow",
			"port": "443",
			"proto": "tcp"
		},
		"when": "not ufw_enable_check.changed"
	},
	{
		"name": "restart service",
		"become": true,
		"ansible.builtin.systemd_service": {
			"state": "restarted",
			"name": "lighttpd"
		}
	}
]