---
- name: Check if certificate already exists.
  stat:
    path: /etc/letsencrypt/live/{{ cert_item.domains | first | replace('*.', '') }}/cert.pem
  register: letsencrypt_cert

- name: Populate service facts
  service_facts:
  
- name: firewall enable port 80
  firewalld:
    port: 80/tcp
    permanent: false
    state: enabled
  ignore_errors: yes
  when: not letsencrypt_cert.stat.exists

- name: Stop services to allow certbot to generate a cert.
  service:
    name: "{{ item }}"
    state: stopped
  when: not letsencrypt_cert.stat.exists and item in services
  with_items: "{{ certbot_create_standalone_stop_services }}"

- name: Generate new certificate if one doesn't exist.
  command: "{{ certbot_create_command }}"
  when: not letsencrypt_cert.stat.exists

- name: Start services after cert has been generated.
  service:
    name: "{{ item }}"
    state: started
  when: not letsencrypt_cert.stat.exists and item in services
  with_items: "{{ certbot_create_standalone_stop_services }}"