--- # Very similar to the certbot role, but without nginx # Install Letscrypt tools to generate and manage certificates - name: Install Letsencrypt apt: name: - certbot # letsencrypt - ca-certificates # just in case update_cache: true # Create the configuration directory for letsencrypt - name: Create /etc/letsencrypt/conf.d file: path: /etc/letsencrypt/conf.d state: directory mode: 0755 # Configure certbot - name: Add certbot configuration template: src: "conf.ini.j2" dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" mode: 0644 notify: Generate certificates - name: Make sure let's encrypt renewal-hooks exists file: path: /etc/letsencrypt/renewal-hooks/deploy state: directory - name: Reload Postfix and Dovecot after certificate renewal template: src: letsencrypt/renewal-hooks/deploy/reload-mail-services.sh.j2 dest: /etc/letsencrypt/renewal-hooks/deploy/reload-mail-services.sh mode: 0755 # TODO: add motd