---
# task/prerequisites file for renew_vault_certificates
- name: "Create directory {{ renew_vault_certificates_config_dir }}"
  ansible.builtin.file:
    path: "{{ renew_vault_certificates_config_dir }}"
    state: directory
    owner: "{{ renew_vault_certificates_vault_user }}"
    group: "{{ renew_vault_certificates_vault_group }}"
    mode: '0755'
  become: true

- name: "Create directory templates directory in {{ renew_vault_certificates_config_dir }}"
  ansible.builtin.file:
    path: "{{ renew_vault_certificates_config_dir }}/templates"
    state: directory
    owner: "{{ renew_vault_certificates_vault_user }}"
    group: "{{ renew_vault_certificates_vault_group }}"
    mode: '0755'
  become: true

- name: "Ensure certificate/key directory(ies) exist(s)"
  ansible.builtin.file:
    path: "{{item | dirname }}"
    state: directory
    owner: "{{ renew_vault_certificates_vault_user }}"
    group: "{{ renew_vault_certificates_vault_group }}"
    mode: '0755'
  become: true
  loop:
    - "{{ renew_vault_certificates_cert_dest }}"
    - "{{ renew_vault_certificates_key_dest }}"