ContactRocket/roles/certbot/tasks/certbot.yml

---
- name: Create certbot directory
  file: path=/opt/certbot state=directory mode=0755 owner=root group=root

- name: Install certbot standalone
  get_url:
    url: "{{ certbot_url }}"
    dest: "{{ certbot_dir }}/certbot-auto"

- name: Ensure certbot-auto is executable.
  file:
    path: "{{ certbot_dir }}/certbot-auto"
    mode: 0755

- name: Get initial certificate
  command: "{{ certbot_dir }}/certbot-auto certonly --non-interactive --quiet --agree-tos --email {{ certbot_email }} --standalone --pre-hook 'service nginx stop' --post-hook 'service nginx start' -d {{ deploy_server_hostname }}"
  notify: restart nginx

- name: Add cerbot renewel cronjob
  cron: name="renew letsencrypt certificates" hour="0" minute="0" job="/bin/bash {{ certbot_dir }}/certbot-auto renew --non-interactive --quiet --standalone --pre-hook 'service nginx stop' --post-hook 'service nginx start'"