- block:
  - name: Include dependencies
    include_role:
      name: '{{ item }}'
    loop:
    - srv-web-7-4-core
    - sys-rst-daemon

  - name: Include task to remove deprecated nginx configs
    include_tasks: remove_deprecated_nginx_configs.yml
    loop: "{{ deprecated_domains }}"
    loop_control:
      label: "{{ item }}"
    vars:
      domain: "{{ item }}"
    when:
    - MODE_CLEANUP | bool

## The revoking just works for the base domain
#- name: "Revoke Certbot certificate for {{ item }}"
#  ansible.builtin.command:
#    cmd: "certbot revoke -n --cert-name {{ item }} --non-interactive"
#  become: true
#  loop: "{{ deprecated_domains }}"
#  loop_control:
#    label: "{{ item }}"
#  when:
#    - MODE_CLEANUP | bool
#    - run_once_sys_cln_domains is not defined
#  register: certbot_revoke_result
#  failed_when: >
#    certbot_revoke_result.rc != 0 and
#    'No certificate found with name' not in certbot_revoke_result.stderr
#  changed_when: >
#    certbot_revoke_result.rc == 0
#
## The deleting just works for the base domain
#- name: "Delete Certbot certificate for {{ item }}"
#  ansible.builtin.command:
#    cmd: "certbot delete -n --cert-name {{ item }} --non-interactive"
#  become: true
#  loop: "{{ deprecated_domains }}"
#  loop_control:
#    label: "{{ item }}"
#  when:
#    - MODE_CLEANUP | bool
#    - run_once_sys_cln_domains is not defined
#  register: certbot_delete_result
#  failed_when: >
#    certbot_delete_result.rc != 0 and
#    'No certificate found with name' not in certbot_delete_result.stderr
#  changed_when: >
#    certbot_delete_result.rc == 0
  - include_tasks: utils/run_once.yml
  when: run_once_sys_cln_domains is not defined