# Note: Since we have multiple servers for a single certificate, the actual call
# for the cert must be done manually right now. Looking for better
# automation.
- name: Download Let's Encrpt / Certbot
get_url: url= dest=/root/certbot-auto mode=0774
tags: letsencrypt
- name: Create a directory for the Let's Encrypt confirmation
file: path=/var/www/acme-challenge/ state=directory
- name: Create a directory for Diffie Hellman group.
file: path=/etc/nginx/ssl state=directory
- name: Create a Unique DH group
command: openssl dhparam -out /etc/nginx/ssl/dhparams.pem 2048 creates=/etc/nginx/ssl/dhparams.pem