---
# This ansible-playbook installs letsencrypt certs
#
# What it does:
#   - registers LE account
#   - requests/creates first-time certificates
#   - requests new certs if list of domains changed
##
# REVIEW/EDIT THE VARS BELOW BEFORE RUNNING!
# ALL DOMAINS MUST BE REGISTERED FOR TARGET HOST IN DNS!
#
# It will normally be run like this:
#
#  ansible-playbook -b -i h8.waeup.org, letsencrypt.yml
#
- hosts: h8.waeup.org
  vars:
    letsencrypt_email: 'uli@gnufix.de'
    letsencrypt_domains: 'waeup.org,www.waeup.org,h8.waeup.org,v2.waeup.org,v3.waeup.org,v4.waeup.org,v5.waeup.org,v6.waeup.org,gopinkdreams.com,www.gopinkdreams.com'
    # set to true if you got some LE certs already, but the list of domains expanded
    letsencrypt_expand_domains: true
  roles:
    - letsencrypt