--- - name: Unset cert_changed Flag set_fact: cert_changed: False - name: Include distribution specific install tasks include_tasks: '{{ ansible_facts.os_family | lower }}.yaml' - name: Check for OpenSSL Private Key community.crypto.openssl_privatekey_info: path: '{{ key_path }}/{{ cert_name }}.key' ignore_errors: yes become: yes register: key_check - name: Create OpenSSL Private Key community.crypto.openssl_privatekey: path: '{{ key_path }}/{{ cert_name }}.key' owner: '{{ owner }}' group: '{{ group }}' mode: '640' become: yes when: key_check.failed - name: Check File Permissions for Key file: path: '{{ key_path }}/{{ cert_name }}.key' state: file owner: '{{ owner }}' group: '{{ group }}' mode: '640' become: yes when: not key_check.failed - name: Trigger Cert Generation include_tasks: selfsigned.yml when: use_acme == false - name: Trigger Cert Generation include_tasks: letsencrypt.yml when: use_acme == true