ansible/roles/pizza/tasks/main.yml

---

#- name: Ensure certificates are available
#  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ pizza_domain }}.key -out /etc/nginx/ssl/{{ pizza_domain }}.crt -days 730 -subj "/CN={{ pizza_domain }}" creates=/etc/nginx/ssl/{{ pizza_domain }}.crt
#  notify: Restart nginx

- name: Request nsupdate key for certificate
  include_role: name=acme-dnskey-generate
  vars:
    acme_dnskey_san_domains:
    - "{{ pizza_domain }}"

- name: Configure certificate manager for pizza
  template: src=certs.j2 dest=/etc/acertmgr/{{ pizza_domain }}.conf
  notify: Run acertmgr