---
- name: Create Cloudlfared group
  become: yes
  group:
    name: cloudflared
    state: present
- name: Create Cloudflared user
  become: yes
  user:
    name: cloudflared
    system: yes
    password: '!'
    shell: /bin/false
    create_home: yes
    home: /etc/cloudflared
- name: Upload config file
  become: yes
  copy:
    src: config.yml
    dest: /etc/cloudflared/config.yml
    owner: cloudflared
    group: cloudflared
    mode: 0640
- name: Upload the credentials file
  become: yes
  template:
    src: "{{ tunnel_id }}.json"
    dest: /etc/cloudflared/{{ tunnel_id }}.json
    owner: cloudflared
    group: cloudflared
    mode: 0640
- name: Download Cloudflared binary
  become: yes
  get_url:
    url: https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64
    dest: /etc/cloudflared/bin/cloudflared
    owner: cloudflared
    group: cloudflared
    mode: '0760'
- name: Check if the Cloudflared service is already installed
  become: yes
  stat:
    path: /etc/systemd/system/cloudflared.service
  register: cloudflared_exists
- name: Install the Cloudflared service
  become: yes
  when: not cloudflared_exists.stat.exists
  environment:
    PATH: /etc/cloudflared/bin:{{ ansible_env.PATH }}
  command:
    cmd: cloudflared service install
- name: Start cloudflared
  become: yes
  systemd:
    name: cloudflared
    state: restarted