--- - name: check if certificate exist ansible.builtin.stat: path: '/etc/letsencrypt/live/{{ item.name }}' loop: '{{ certbot_domains }}' register: st tags: certbot - name: check if nginx is launch ansible.builtin.stat: path: /var/run/nginx.pid register: ng tags: certbot - name: create a new certificate ansible.builtin.command: > certbot certonly -n --agree-tos -d {{ item.item.name }} -m {{ certbot_mail }} --webroot --webroot-path {{ certbot_path }} --rsa-key-size {{ certbot_key_size }} loop: '{{ st.results }}' when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and ng.stat.exists tags: certbot - name: create a new certificate (standalone) ansible.builtin.command: > certbot certonly -n --agree-tos -d {{ item.item.name }} -m {{ certbot_mail }} --standalone --rsa-key-size {{ certbot_key_size }} loop: '{{ st.results }}' when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and not ng.stat.exists tags: certbot