tools/scripts/ansible/certbot-playbook.yml - platform/external/cldr - Git at Google

 - hosts: letsencrypt
   become: yes
   vars_files:
     - vars/main.yml
     - local-vars/local.yml
   tasks:
     - name: Install certbot packages
       apt:
         pkg:
           - python3-certbot-nginx
     - name: setup certbot
       command: >
         sudo certbot --nginx --agree-tos -m {{ surveytooldeploy.certbot_admin_email }}
         -d {{ inventory_hostname }} --non-interactive
         --keep --redirect --uir --hsts --staple-ocsp --must-staple
       args:
         creates: /etc/letsencrypt/renewal/{{ inventory_hostname }}.conf
     - name: Speedup http2
       replace:
         path: /etc/nginx/sites-enabled/default
         regexp: '^(\s*)listen 443 ssl;(.*)$'
         replace: '\1listen 443 ssl http2;\2'
	- hosts: letsencrypt
	become: yes
	vars_files:
	- vars/main.yml
	- local-vars/local.yml
	tasks:
	- name: Install certbot packages
	apt:
	pkg:
	- python3-certbot-nginx
	- name: setup certbot
	command: >
	sudo certbot --nginx --agree-tos -m {{ surveytooldeploy.certbot_admin_email }}
	-d {{ inventory_hostname }} --non-interactive
	--keep --redirect --uir --hsts --staple-ocsp --must-staple
	args:
	creates: /etc/letsencrypt/renewal/{{ inventory_hostname }}.conf
	- name: Speedup http2
	replace:
	path: /etc/nginx/sites-enabled/default
	regexp: '^(\s)listen 443 ssl;(.)$'
	replace: '\1listen 443 ssl http2;\2'