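---
# TLS certificate provisioning for a single site.
#
# Variables read by these tasks:
#   installCertbot  - truthy: obtain a certificate with certbot;
#                     falsy: generate a self-signed certificate instead
#   domain          - primary host name (used in file paths and as the CN)
#   alt_domains     - extra certbot arguments, inserted verbatim
#   mode, email     - certbot plugin selector and account e-mail
#
# NOTE(review): domain, alt_domains, mode and email are interpolated into
# command lines and file paths. The commands below run without a shell, so
# shell metacharacters are not interpreted, but whitespace in a value still
# splits into extra arguments and '/' in `domain` changes the target path.
# Validate these values before they reach this file.

- name: Install openssl
  apt:
    name: openssl
    state: present

# NOTE(review): the task name says "Nginx plugin" but the package installed
# is python3-certbot. If `mode` is "nginx", the plugin package
# (python3-certbot-nginx on Debian/Ubuntu) is probably needed as well;
# confirm against the target distribution.
- name: install Certbot Nginx plugin
  apt:
    name: python3-certbot
  when: installCertbot | bool

# NOTE(review): the certificate task below writes /etc/ssl/{{ domain }}.key
# and /etc/ssl/{{ domain }}.crt, not files inside this directory. Confirm
# which layout the web-server configuration expects.
- name: Create Directory for Domain self-signed
  file:
    path: '/etc/ssl/{{ domain }}'
    state: directory
    mode: '0755'
  when: not (installCertbot | bool)

# argv form: every element reaches openssl as exactly one argument, with no
# shell involved. `creates` makes the task idempotent, so an existing key
# pair is not silently replaced on every play; delete the .crt file to force
# regeneration. `-nodes` leaves the private key unencrypted on disk.
- name: Create self-signed certificate, if configured.
  command:
    argv:
      - openssl
      - req
      - '-x509'
      - '-nodes'
      - '-subj'
      - '/CN={{ domain }}'
      - '-days'
      - '3650'
      - '-newkey'
      - 'rsa:4096'
      - '-sha256'
      - '-keyout'
      - '/etc/ssl/{{ domain }}.key'
      - '-out'
      - '/etc/ssl/{{ domain }}.crt'
    creates: '/etc/ssl/{{ domain }}.crt'
  when: not (installCertbot | bool)

# The key is stored unencrypted, so pin its mode instead of relying on the
# default of whichever openssl build created it. Skipped in check mode
# because the file is not created there. If a non-root service has to read
# the key, grant access through a dedicated group rather than widening this.
- name: Restrict permissions on the self-signed private key
  file:
    path: '/etc/ssl/{{ domain }}.key'
    state: file
    mode: '0600'
  when:
    - not (installCertbot | bool)
    - not ansible_check_mode

# This rule is not removed afterwards, so port 80 stays reachable.
- name: Open port 80 for letsencrypt challenge
  ufw:
    rule: allow
    port: '80'
    proto: tcp
  when: installCertbot | bool

# `command` instead of `shell`: the templated values are split into
# arguments but never interpreted by a shell. --non-interactive makes
# certbot fail instead of waiting for input it cannot get under Ansible.
# alt_domains is inserted verbatim and may expand to several arguments.
- name: "Request certificate from Let's Encrypt with certbot"
  command: >-
    certbot certonly --non-interactive --{{ mode }}
    -d {{ domain }} {{ alt_domains }}
    -m {{ email }} --agree-tos
  when: installCertbot | bool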