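---
# Tasks: install certbot, publish the nginx "sharing" sites and obtain a
# Let's Encrypt certificate for each entry of `sharing_sites`.
# Each item of `sharing_sites` is read for: from (domain, also used as the
# site file name), folder, user, group. `certificate_email` is passed to
# certbot as the account e-mail.

- name: Install certbot
  apt:
    update_cache: true
    name:
      - certbot
      - python3-certbot-nginx
    # `latest` upgrades both packages on every run; pin a version instead if
    # reproducible hosts matter more than picking up fixes automatically.
    state: latest

- name: Ensure the cert directory exists
  file:
    path: /etc/nginx/certs
    state: directory
    # This directory holds links to private keys; keep it root-only instead
    # of inheriting whatever the umask yields.
    owner: root
    group: root
    mode: "0750"

- name: Copy snippets
  template:
    src: "nginx/snippets/{{ item }}"
    dest: "/etc/nginx/snippets/{{ item }}"
    mode: "0644"
  loop:
    - connection_upgrade.conf  # fix some nginx bug
  notify: Reload nginx

- name: Ensure the shared directory exist
  file:
    path: "{{ item.folder }}"
    state: directory
    owner: "{{ item.user }}"
    group: "{{ item.group }}"
    # NOTE(review): no mode is set, so a newly created directory gets the
    # umask default. Set one explicitly if the shared content is sensitive.
  loop: "{{ sharing_sites }}"

- name: Copy sharing sites
  template:
    src: "nginx/sites-available/sharing_site"
    dest: "/etc/nginx/sites-available/{{ item.from }}"
    mode: "0644"
  loop: "{{ sharing_sites }}"
  notify: Reload nginx

- name: Activate sites
  file:
    src: "/etc/nginx/sites-available/{{ item.from }}"
    dest: "/etc/nginx/sites-enabled/{{ item.from }}"
    state: link
    force: true
  loop: "{{ sharing_sites }}"
  notify: Reload nginx

# Run certbot through `command` with an argv list rather than `shell`:
# `item.from` and `certificate_email` are then passed as single arguments and
# are never interpreted by a shell. They must still come from trusted
# inventory, since a value starting with "-" would be read as an option.
# NOTE(review): no `--agree-tos` is passed; a first run on a host without a
# registered ACME account presumably fails in non-interactive mode. Confirm
# how the account is registered.
# NOTE(review): the sites are enabled before their certificate links exist;
# if the site template references /etc/nginx/certs, the post-hook start of
# nginx may fail on a first run. Verify against the template.
- name: Generate Certificate for Domains
  command:
    argv:
      - certbot
      - certonly
      - '--standalone'
      - '-d'
      - "{{ item.from }}"
      - '-m'
      - "{{ certificate_email }}"
      - '--noninteractive'
      - '--redirect'
      # certbot runs the hooks itself; they are also stored in the renewal
      # configuration, so nginx is stopped and started again on each renewal.
      - '--pre-hook'
      - 'sudo systemctl stop nginx'
      - '--post-hook'
      - 'sudo systemctl start nginx'
    # Skip the task once a certificate exists for this domain.
    creates: "/etc/letsencrypt/live/{{ item.from }}/cert.pem"
  loop: "{{ sharing_sites }}"

# The two tasks below create symlinks, not copies: nginx follows them into
# /etc/letsencrypt/live, so renewed certificates are picked up on reload.
- name: Copy certificates
  file:
    src: "/etc/letsencrypt/live/{{ item.from }}/fullchain.pem"
    dest: "/etc/nginx/certs/{{ item.from }}.crt"
    state: link
    force: true
  loop: "{{ sharing_sites }}"
  notify: Reload nginx

- name: Copy certificate keys
  file:
    src: "/etc/letsencrypt/live/{{ item.from }}/privkey.pem"
    dest: "/etc/nginx/certs/{{ item.from }}.key"
    state: link
    force: true
  loop: "{{ sharing_sites }}"
  notify: Reload nginx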