From 11aa29849ac8eef44f4277b02c545735c5c1866a Mon Sep 17 00:00:00 2001
From: Nikolaos Kakouros
Date: Wed, 6 Sep 2017 20:24:42 +0200
Subject: [PATCH] Registers and generates certificates
---
 defaults/main.yml | 20 +++++++++++++++++++-
 tasks/generate-certs.yml | 7 +++++++
 tasks/main.yml | 3 +++
 3 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 tasks/generate-certs.yml
diff --git a/defaults/main.yml b/defaults/main.yml
index 7f6f0d3..58f9ef7 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,7 +1,10 @@
 ---
+# Global options for configuration file
+certbot_config_file_options: {}
+
 # Certbot auto-renew cron job configuration (for certificate renewals).
 certbot_auto_renew: true
-certbot_auto_renew_user: "{{ ansible_user }}"
+certbot_auto_renew_user: "{{ lookup('env', 'USER') }}"
 certbot_auto_renew_hour: 3
 certbot_auto_renew_minute: 30
@@ -14,3 +17,18 @@ certbot_keep_updated: yes
 # Where to put Certbot when installing from source.
 certbot_dir: /opt/certbot
+
+# Set to true to have this role register and generate certificates for your
+# domains.
+certbot_handle_certs: true
+certbot_register_email: user@example.com
+
+# The command to run to register with Let's Encrypt
+certbot_register_command: certbot --non-interactive --agree-tos --email "{{ certbot_register_email }}"
+
+# The domains to generate certs for
+certbot_domains:
+- 'example.com'
+
+# The command to run to generate the certificates
+certbot_cert_command: certbot certonly --noninteractive --standalone
diff --git a/tasks/generate-certs.yml b/tasks/generate-certs.yml
new file mode 100644
index 0000000..78633c7
--- /dev/null
+++ b/tasks/generate-certs.yml
@@ -0,0 +1,7 @@
+---
+
+- name: Register with Let's Encrypt
+ command: "{{ certbot_register_command }}"
+
+- name: Generate certificates
+ command: "{{ certbot_cert_command }} -d {{ certbot_domains | join(' -d ') }}"
diff --git a/tasks/main.yml b/tasks/main.yml
index 5324ff9..fde7828 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
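Review bot: In the first hunk of defaults/main.yml, the new default `certbot_auto_renew_user: "{{ lookup('env', 'USER') }}"` is resolved on the Ansible control node, because lookups run on the controller and not on the managed host. The renewal cron job would then be installed for whoever launched the play, an account that may not exist on the target or may not be the one meant to own the certificates. Keeping the remote user as the primary source and the lookup as a fallback avoids that: `certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"`.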
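Review bot: In the second hunk of defaults/main.yml, `certbot_handle_certs: true` makes registration and issuance the default for every host the role is applied to, using the placeholder values `user@example.com` and `example.com` and accepting `--agree-tos` on the operator's behalf; a step that creates an ACME account should be opt-in, `certbot_handle_certs: false`. The register command also carries no subcommand, so certbot would fall back to its default `run` action; `certbot register --non-interactive --agree-tos --email "{{ certbot_register_email }}"` matches the comment above it. The `--standalone` default in `certbot_cert_command` needs the HTTP/HTTPS port free on the host, which deserves a comment next to that variable.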
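Review bot: Both tasks in tasks/generate-certs.yml run unconditionally, so every play attempts registration again and requests certificates again, which reports `changed` each time and can run into Let's Encrypt rate limits. The domain list is also joined into the command line unquoted, so an entry containing whitespace is split into extra certbot arguments, and an empty list leaves a dangling `-d`. A `creates:` guard, `map('quote')` and a length check cover these; the path below assumes certbot's default configuration directory and that the certificate is named after the first domain. The register task needs a comparable guard.

```yaml
# … unchanged: "Register with Let's Encrypt" task …
- name: Generate certificates
  command: >-
    {{ certbot_cert_command }}
    -d {{ certbot_domains | map('quote') | join(' -d ') }}
  args:
    creates: "/etc/letsencrypt/live/{{ certbot_domains | first }}/cert.pem"
  when: certbot_domains | length > 0
```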
@@ -7,5 +7,8 @@
 - include: install-from-source.yml
 when: certbot_install_from_source
+- include: generate-certs.yml
+ when: certbot_handle_certs
+
 - include: renew-cron.yml
 when: certbot_auto_renew
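Review bot: `when: certbot_handle_certs` gates account registration and certificate issuance on a bare variable, and a value supplied as a string (for example through `-e certbot_handle_certs=false`) may not be evaluated as a boolean on every Ansible version. `when: certbot_handle_certs | bool` makes the intent explicit. The neighbouring conditions in this file use the same bare pattern, so the cast is worth applying consistently; the task list starts outside the hunk.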