* Add become

tasks/create-cert-standalone.yml

@@ -5,6 +5,7 @@
   register: letsencrypt_cert
 
 - name: Stop services to allow certbot to generate a cert.
+  become: True
   service:
     name: "{{ item }}"
     state: stopped
@@ -12,10 +13,12 @@
   with_items: "{{ certbot_create_standalone_stop_services }}"
 
 - name: Generate new certificate if one doesn't exist.
+  become: True
   shell: "{{ certbot_create_command }}"
   when: not letsencrypt_cert.stat.exists
 
 - name: Start services after cert has been generated.
+  become: True
   service:
     name: "{{ item }}"
     state: started

tasks/install-from-source.yml

@@ -12,6 +12,7 @@
     certbot_script: "{{ certbot_dir }}/certbot-auto"
 
 - name: Ensure certbot-auto is executable.
+  become: True
   file:
     path: "{{ certbot_script }}"
     mode: 0755

tasks/install-with-package.yml

@@ -1,5 +1,6 @@
 ---
 - name: Install Certbot.
+  become: True
   package: "name={{ certbot_package }} state=present"
 
 - name: Set Certbot script variable.

tasks/renew-cron.yml

@@ -1,5 +1,6 @@
 ---
 - name: Add cron job for certbot renewal (if configured).
+  become: True
   cron:
     name: Certbot automatic renewal.
     job: "{{ certbot_script }} renew {{ certbot_auto_renew_options }}"