Add certbot_cli_options to populate cli.ini

When using snap and systemd timers to run certbot renew it is useful to
have the cli.ini file populated so we can define options, i.e. pre-hook,
post-hook, etc.

defaults/main.yml

@@ -37,3 +37,12 @@ certbot_keep_updated: true
 
 # Where to put Certbot when installing from source.
 certbot_dir: /opt/certbot
+
+# Certbot global options for command line execution. Useful as a substitute for
+# certbot_auto_renew_options when using  snap install method
+# certbot_cli_options: |
+#   quiet
+#   no-self-upgrade
+#   pre-hook = systemctl stop httpd
+#   post-hook = systemctl stop httpd
+

tasks/create-cert-standalone.yml

@@ -11,6 +11,12 @@
   when: not letsencrypt_cert.stat.exists
   with_items: "{{ certbot_create_standalone_stop_services }}"
 
+- name: Add renew options to cli.ini file
+  copy:
+    path: /etc/letsencrypt/cli.ini
+    content:  {{ certbot_cli_options }}
+  when: certbot_cli_options is defined
+
 - name: Generate new certificate if one doesn't exist.
   command: "{{ certbot_create_command }}"
   when: not letsencrypt_cert.stat.exists