---
- name: Create configuration directory
  file:
    path: "{{ besu_config_dir }}"
    state: directory
    owner: "{{ besu_user }}"
    group: "{{ besu_group }}"
    recurse: yes
  become: true

- name: Generate config file
  template:
    src: "{{ besu_config_template }}"
    dest: "{{ besu_config_dir }}/config.toml"
    owner: "{{ besu_user }}"
    group: "{{ besu_group }}"
    mode: 0644
  become: true
  register: config_toml

- name: JWT secret
  block:
    - name: Check if a JWT secret already exists
      stat:
        path: "{{ besu_engine_jwt_secret }}"
      register: stat_result
      when: besu_engine_jwt_secret_content is undefined

    # Set the value if it is set by the user or if the secret does not already exist,
    # if no secret is specified and there is not an existing secret on disk, then set it to a random value.
    - name: Set the JWT shared secret
      copy:
        dest: "{{ besu_engine_jwt_secret }}"
        content: "{{ besu_engine_jwt_secret_content | default((('%#064x' % ((2 | pow(256) | int ) | random)) | split('x'))[1]) }}"
        owner: "{{ besu_user }}"
        group: "{{ besu_group }}"
        mode: 0400
      register: jwt_secret_content
      when: besu_engine_jwt_secret_content is defined or not stat_result.stat.exists or stat_result.stat.size == 0

    - name: Set updated optionally to trigger a systemd restart at the end
      set_fact:
        besu_state_updates: "{{ besu_state_updates + ['besu.jwt_secret_content'] }}"
      when: jwt_secret_content is changed

  when: besu_engine_jwt_secret is defined and besu_engine_jwt_secret != ""
  become: yes

- name: Set updated optionally to trigger a systemd restart at the end
  set_fact:
    besu_state_updates: "{{ besu_state_updates + ['besu.config_toml'] }}"
  when: config_toml is changed

- name: Create data directory
  file:
    path: "{{ besu_data_dir }}"
    state: directory
    owner: "{{ besu_user }}"
    group: "{{ besu_group }}"
    recurse: yes
  become: true