--- # Very similar to the certbot role, but without nginx # Install Letscrypt tools to generate and manage certificates - name: Install Letsencrypt apt: name: - certbot # letsencrypt - ca-certificates # just in case update_cache: true # Create the configuration directory for letsencrypt - name: Create /etc/letsencrypt/conf.d file: path: /etc/letsencrypt/conf.d state: directory mode: 0755 # Configure certbot - name: Add certbot configuration template: src: "conf.ini.j2" dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" mode: 0644 register: certbot_config - name: Generate new certificates if the configuration changed command: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini" when: certbot_config.changed