From 7b4f97dcd565ed529888f52460cfa3f72b391de1 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Thu, 30 Sep 2021 19:22:01 +0200
Subject: [PATCH] Remove the letsencrypt hook when not needed.

---
 tasks/letsencrypt-openvpn.yml | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/tasks/letsencrypt-openvpn.yml b/tasks/letsencrypt-openvpn.yml
index 42c8803..202743c 100644
--- a/tasks/letsencrypt-openvpn.yml
+++ b/tasks/letsencrypt-openvpn.yml
@@ -1,14 +1,24 @@
 ---
-- name: Create the acme hooks directory if it does not yet exist
-  file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
+- name: Add the letsencrypt hook
+  block:
+  - name: Create the acme hooks directory if it does not yet exist
+    file: dest={{ letsencrypt_acme_services_scripts_dir }} state=directory owner=root group=root
+
+  - name: Install a script that fix the letsencrypt certificate for openvpn and then reload the service
+    copy: src=openvpn-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/openvpn owner=root group=root mode=4555
+
   when:
     - openvpn_letsencrypt_managed | bool
     - letsencrypt_acme_install | bool
   tags: [ 'openvpn', 'letsencrypt' ]
 
-- name: Install a script that fix the letsencrypt certificate for openvpn and then reload the service
-  copy: src=openvpn-letsencrypt-acme.sh dest={{ letsencrypt_acme_services_scripts_dir }}/openvpn owner=root group=root mode=4555
+- name: Remove the letsencrypt hook
+  block:
+  - name: Remove the letsencrypt hook for openvpn
+    file:
+      dest: '{{ letsencrypt_acme_services_scripts_dir }}/openvpn'
+      state: absent
+
   when:
-    - openvpn_letsencrypt_managed | bool
-    - letsencrypt_acme_install | bool
+    - not openvpn_letsencrypt_managed
   tags: [ 'openvpn', 'letsencrypt' ]