---
- name: Install openvpn
  ansible.builtin.package:
    name:
      - openvpn
      - openresolv
    state: present


- name: Install openresolv script
  ansible.builtin.get_url:
    url: https://raw.githubusercontent.com/ProtonVPN/scripts/master/update-resolv-conf.sh
    dest: /etc/openvpn/update-resolv-conf
    mode: '0755'


- name: Select random NordVPN Endpoint
  ansible.builtin.set_fact:
    nord_endpoint: "{{ openvpn_remotes | random }}"
  

- name: Set config from chosen endpoint {{ nord_endpoint.cn | basename }}
  ansible.builtin.set_fact:
    nord_remote: "{{ nord_endpoint.remote }}"
    nord_cn: "{{ nord_endpoint.cn }}"


- name: Write VPN Endpoint motd script
  ansible.builtin.template:
    src: vpn-endpoint.j2
    dest: /usr/local/bin/vpn-endpoint
    owner: root
    group: root
    mode: '0755'


- name: Write config files
  ansible.builtin.template:
     src: "{{ item }}.conf.j2"
     dest: /etc/openvpn/{{ item }}.conf
     owner: root
     group: root
     mode: '0640'
  loop:
    - login-nord
    - nord
  notify:
    - Restart openvpn


- name: Start/enable openvpn service
  ansible.builtin.systemd_service:
    name: "{{ openvpn_service }}"
    state: started
    enabled: true