---
- name: Install or update consul
  become: true
  apt:
    name: consul
    state: latest
    update_cache: yes
  when: ansible_check_mode == false

- name: Add consul user
  become: true
  user:
    name: consul
    system: yes
    shell: /bin/false

- name: Create consul directories
  become: true
  file:
    path: "{{ item }}"
    state: directory
    owner: consul
    group: consul
  with_items:
    - /etc/consul.d
    - /opt/consul

- include_tasks: configure.yml

- name: Enable and start consul
  become: true
  systemd:
    name: consul
    enabled: yes
    state: started
  when: ansible_check_mode == false

- name: Ensure systemd-resolved config directory exists
  become: true
  file:
    path: /etc/systemd/resolved.conf.d
    state: directory

- name: Configure Consul DNS in systemd-resolved
  become: true
  copy:
    dest: /etc/systemd/resolved.conf.d/consul.conf
    content: |
      [Resolve]
      DNS=127.0.0.1:8600
      DNSSEC=false
      Domains=~consul node.consul service.consul

- name: Restart systemd-resolved
  become: true
  systemd:
    name: systemd-resolved
    enabled: yes
    state: restarted
  when: ansible_check_mode == false

- name: Remove resolv.conf symlink
  become: true
  file:
    path: /etc/resolv.conf
    state: absent

- name: Create resolv.conf symlink
  become: true
  file:
    src: /run/systemd/resolve/stub-resolv.conf
    dest: /etc/resolv.conf
    state: link