- name: install certbot
  apt:
    name: "{{ item }}"
    state: present
    update_cache: yes
    cache_valid_time: 3600
  with_items:
    - certbot
    - sendmail-bin
    - cron

- name: request certificate
  command: certbot certonly -a standalone --agree-tos --email roots@lists.lilik.it --preferred-challenges http -d {{ server_fqdn }} -d www.{{ server_fqdn }} -n
  args:
    creates: /etc/letsencrypt/live/{{ server_fqdn }}/cert.pem

# - name: add certbot cron
#   cron:
#     name: "certbot cron"
#     minute: "30"
#     hour: "2"
#     job: '/usr/bin/certbot renew -n --renew-hook "/bin/systemctl reload {{ webserver_name }}"'