roles/certbot/templates/letsencrypt/conf.d/certname.ini.j2

@@ -18,6 +18,9 @@ text = True
 # Use nginx challenge
 authenticator = nginx
 
+# Accept TOS
+agree-tos = True
+
 # Wildcard the domain
 cert-name = {{ certbot.certname }}
 domains = {{ ", ".join(certbot.domains) }}

roles/mail-certificates/templates/conf.ini.j2

@@ -0,0 +1,26 @@
+# {{ ansible_managed }}
+
+# Pour appliquer cette conf et générer la conf de renewal :
+# certbot --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini certonly
+
+# Use a 4096 bit RSA key instead of 2048
+rsa-key-size = 4096
+
+# Always use the staging/testing server
+# server = https://acme-staging.api.letsencrypt.org/directory
+
+# Uncomment and update to register with the specified e-mail address
+email = {{ certbot.mail }}
+
+# Uncomment to use a text interface instead of ncurses
+text = True
+
+# Use nginx challenge
+authenticator = standalone
+
+# Accept TOS
+agree-tos = True
+
+# Wildcard the domain
+cert-name = {{ certbot.certname }}
+domains = {{ ", ".join(certbot.domains) }}