[
	{
		"name": "packages | prerequisites",
		"become": true,
		"ansible.builtin.apt": {
			"update_cache": true,
			"pkg": [
				"apt-transport-https",
				"gpg"
			]
		}
	},
	{
		"name": "packages | keys",
		"become": true,
		"ansible.builtin.apt_key": {
			"url": "https://apt.authelia.com/organization/signing.asc"
		}
	},
	{
		"name": "packages | repository",
		"become": true,
		"ansible.builtin.apt_repository": {
			"repo": "deb https://apt.authelia.com/stable/debian/debian/ all main"
		}

	},
	{
		"name": "packages | installation",
		"become": true,
		"ansible.builtin.apt": {
			"update_cache": true,
			"pkg": [
				"openssl",
				"python3-cryptography",
				"python3-yaml",
				"authelia"
			]
		}
	},
	{
		"name": "generate private key for signing OIDC JWTs",
		"become": true,
		"community.crypto.openssl_privatekey": {
			"type": "RSA",
			"size": 4096,
			"path": "/etc/ssl/private/authelia-key.pem",
			"return_content": true
		},
		"register": "temp_tls_result"
	},
	{
		"name": "configuration | compose script",
		"become": true,
		"ansible.builtin.copy": {
			"src": "conf-compose.py",
			"dest": "/usr/bin/authelia-conf-compose",
			"mode": "0700"
		}
	},
	{
		"name": "configuration | directories",
		"become": true,
		"loop": [
			"/etc/authelia/conf.d",
			"/etc/authelia/conf.d/clients"
		],
		"ansible.builtin.file": {
			"state": "directory",
			"path": "{{item}}"
		}
	},
	{
		"name": "configuration | main",
		"become": true,
		"ansible.builtin.template": {
			"src": "conf-main.json.j2",
			"dest": "/etc/authelia/conf.d/main.json"
		}
	},
	{
		"name": "configuration | compose",
		"become": true,
		"ansible.builtin.command": {
			"cmd": "/usr/bin/authelia-conf-compose --main-file-path=/etc/authelia/conf.d/main.json --clients-directory-path=/etc/authelia/conf.d/clients --output-format=yaml --output-path=/etc/authelia/configuration.yml"
		}
	},
	{
		"name": "setup log directory",
		"become": true,
		"ansible.builtin.file": {
			"state": "directory",
			"path": "{{var_authelia_log_file_path | dirname}}"
		}
	},
	{
		"name": "users | directory",
		"become": true,
		"ansible.builtin.file": {
			"state": "directory",
			"path": "{{var_authelia_users_file_path | dirname}}"
		}
	},
	{
		"name": "users | initial file",
		"become": true,
		"ansible.builtin.template": {
			"src": "users.yml.j2",
			"dest": "{{var_authelia_users_file_path}}",
			"force": false
		}
	},
	{
		"name": "users | management script",
		"become": true,
		"ansible.builtin.copy": {
			"src": "user-manage.py",
			"dest": "/usr/bin/authelia-user-manage",
			"mode": "0700"
		}
	},
	{
		"name": "apply",
		"become": true,
		"ansible.builtin.systemd_service": {
			"state": "restarted",
			"enabled": true,
			"name": "authelia"
		}
	}
]