From 5c123d7301e35194a6064e2d9ff82a6de9dd8ced Mon Sep 17 00:00:00 2001
From: Beth Parker
Date: Sun, 6 Oct 2024 00:13:20 -0500
Subject: [PATCH 1/2] added cert generation

---
 tasks/generate_cert.yml | 10 ++++++++++
 tasks/main.yml | 5 +++++
 vars/main.yml | 7 ++++++-
 3 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 tasks/generate_cert.yml

diff --git a/tasks/generate_cert.yml b/tasks/generate_cert.yml
new file mode 100644
index 0000000..333b4a4
--- /dev/null
+++ b/tasks/generate_cert.yml
@@ -0,0 +1,10 @@
+# generate_cert.yml
+---
+- name: check if privkey exists
+ ansible.builtin.command: '[ -f "/etc/letsencrypt/live/{{ item.domain }}/README" ]'
+ register: result
+ ignore_errors: true
+
+- name: generate certificate
+ ansible.builtin.command: 'certbot certonly --standalone --preferred-challenge http-01 -d {{ item.domain }}'
+ when: result is failure
diff --git a/tasks/main.yml b/tasks/main.yml
index 5ba915b..ad4f4f4 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -4,3 +4,8 @@
 ansible.builtin.package:
 name: certbot
 state: present
+
+# generate certs for new domains
+- include_tasks: generate_cert.yml
+ loop: "{{ domains }}"
+
diff --git a/vars/main.yml b/vars/main.yml
index d158fe5..23bf4b0 100644
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1,2 +1,7 @@
 ---
-# vars file for certbot
+# vars file for nginx-ssl on privtorrents.actcur.com
+
+domains:
+ - domain: privtorrents.actcur.com
+
+# end of file
From 52692b5a2519b86037c4f11bacc85192c462430c Mon Sep 17 00:00:00 2001
From: Beth
Date: Mon, 7 Oct 2024 22:38:31 -0500
Subject: [PATCH 2/2] update

---
 tasks/generate_cert.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/generate_cert.yml b/tasks/generate_cert.yml
index 333b4a4..dc1d775 100644
--- a/tasks/generate_cert.yml
+++ b/tasks/generate_cert.yml
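Review bot: The existence probe in `check if privkey exists` (new file tasks/generate_cert.yml) runs `[ -f … ]` through `ansible.builtin.command` with `ignore_errors: true`, so any failure of the probe, not only a missing file, is read as "no certificate yet", and a failed task is reported on every first run. The task name also says privkey while the path tested is `README`. Making the certbot task idempotent directly is simpler: drop the probe and the `when:`, and give the certbot task `args:` with `creates: /etc/letsencrypt/live/{{ item.domain }}/privkey.pem`. If the probe stays, `ansible.builtin.stat` with `when: not result.stat.exists` gives the same gate without a failing task.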
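Review bot: The looped include added to tasks/main.yml has no `name:` and uses the short module name, while the other tasks in this patch use `ansible.builtin.*`; `- name: generate certs for new domains` followed by `ansible.builtin.include_tasks: generate_cert.yml` would match them. The loop also relies on the default `item` variable, which any loop added later inside generate_cert.yml would shadow; `loop_control:` with `loop_var: cert_domain` (a suggested name) avoids that, with `item.domain` in the included file renamed to match. The package task above the added lines starts outside the hunk.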
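Review bot: A host-specific domain is hard-coded in the role's `vars/main.yml`, which in Ansible takes precedence over inventory and play vars, so the role cannot be pointed at another host without editing it. The list would be easier to override if `defaults/main.yml` declared it as `[]` and the real value lived in host or group vars, and a role-prefixed name such as `certbot_domains` (suggested) avoids clashing with a `domains` variable from another role. The trailing `# end of file` comment carries no information and can be dropped.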
@@ -6,5 +6,5 @@
 ignore_errors: true
 
 - name: generate certificate
- ansible.builtin.command: 'certbot certonly --standalone --preferred-challenge http-01 -d {{ item.domain }}'
+ ansible.builtin.command: 'certbot certonly --standalone --preferred-challenge http-01 -d {{ item.domain }} -m ejparker@actcur.com --agree-tos'
 when: result is failure
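Review bot: The registration address passed with `-m` is now hard-coded in the task, and `{{ item.domain }}` is still spliced into one command string, so a domain value containing whitespace would be split into extra certbot arguments. Passing the command as an `argv:` list keeps each templated value a single argument, and the address belongs in a role variable (called `certbot_email` below, a suggested name) rather than in the task file. Adding `--non-interactive` makes certbot exit with an error rather than prompt when some input is missing, and the documented spelling of the challenge option is `--preferred-challenges`. The probe task that registers `result` starts above the hunk.

```yaml
- name: generate certificate
  ansible.builtin.command:
    argv:
      - certbot
      - certonly
      - '--standalone'
      - '--non-interactive'
      - '--preferred-challenges'
      - http-01
      - '-d'
      - "{{ item.domain }}"
      - '-m'
      - "{{ certbot_email }}"
      - '--agree-tos'
  when: result is failure
```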