---
- name: Ensure snell config directory exists
  ansible.builtin.file:
    path: /etc/snell
    state: directory
    owner: root
    group: root
    mode: "0755"

- name: Download snell-server binary
  ansible.builtin.get_url:
    url: "{{ snell_download_url }}"
    dest: /tmp/snell-server.zip
    mode: "0644"
  register: snell_download

- name: Unarchive snell-server binary
  ansible.builtin.unarchive:
    src: /tmp/snell-server.zip
    dest: /usr/local/bin/
    remote_src: yes
    creates: /usr/local/bin/snell-server
  when: snell_download is changed

- name: Ensure snell-server is executable
  ansible.builtin.file:
    path: /usr/local/bin/snell-server
    mode: "0755"
    state: file

- name: Deploy snell-server configuration
  ansible.builtin.template:
    src: snell-server.conf.j2
    dest: /etc/snell/snell-server.conf
    owner: root
    group: root
    mode: "0600"
  notify: restart snell

- name: Deploy snell systemd service
  ansible.builtin.template:
    src: snell.service.j2
    dest: /etc/systemd/system/snell.service
    owner: root
    group: root
    mode: "0644"
  notify: restart snell

- name: Reload systemd daemon
  ansible.builtin.systemd:
    daemon_reload: yes

- name: Enable and start snell service
  ansible.builtin.systemd:
    name: snell
    enabled: yes
    state: started

- name: Allow snell port through UFW
  community.general.ufw:
    rule: allow
    port: "{{ snell_port }}"
    proto: tcp