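---
# Obtain a certificate with the configured certbot command while the listed
# services are stopped, then render the nginx TLS snippet for that certificate.
#
# Variables read here and defined elsewhere: certbot_cert_name, cert_item,
# certbot_force, certbot_create_command, certbot_nginx_conf_path,
# certbot_create_standalone_stop_services.

- name: Check if certificate already exists.
  stat:
    # Lineage directory: the explicit cert name if set, otherwise the first
    # domain with a leading wildcard label ("*.") stripped.
    path: "/etc/letsencrypt/live/{% if certbot_cert_name %}{{ certbot_cert_name }}{% else %}{{ cert_item.domains | first | replace('*.', '') }}{% endif %}/cert.pem"
  register: letsencrypt_cert

# Everything that runs while the services are down lives in one block so the
# "always" section restarts them even when certbot or a later task fails.
# Without it, a failed issuance would leave the stopped services down.
- name: Issue the certificate and render the nginx TLS config.
  block:
    - name: Stop services to allow certbot to generate a cert.
      service:
        name: "{{ item }}"
        state: stopped
      when: not letsencrypt_cert.stat.exists or certbot_force
      # Best effort: a service that cannot be stopped does not abort the play.
      # NOTE(review): if the stop fails, certbot may be unable to bind its
      # listener and the next task will fail instead.
      ignore_errors: true
      with_items: "{{ certbot_create_standalone_stop_services }}"

    - name: Generate new certificate if one doesn't exist.
      # The command module runs the rendered string without a shell.
      # NOTE(review): certbot_create_command is defined outside this file;
      # confirm it is built only from trusted role/inventory variables.
      command: "{{ certbot_create_command }}"
      when: not letsencrypt_cert.stat.exists or certbot_force

    - name: Generate Diffie-Hellman parameters
      # Presumably referenced by nginx_ssl_config.j2 (ssl_dhparam); verify.
      openssl_dhparam:
        path: /etc/letsencrypt/ssl-dhparams.pem
        size: 2048

    - name: ensure conf.d exist
      # No mode is set so an existing directory keeps its current permissions.
      file:
        path: "{{ certbot_nginx_conf_path }}"
        state: directory

    - name: create nginx config ssl file
      template:
        # Template on the controller, resolved relative to the role/playbook.
        src: nginx_ssl_config.j2
        # One "<cert name>.ssl" snippet per certificate, named like the
        # lineage directory checked above.
        dest: "{{ certbot_nginx_conf_path }}/{% if certbot_cert_name %}{{ certbot_cert_name }}{% else %}{{ cert_item.domains | first | replace('*.', '') }}{% endif %}.ssl"
        # Explicit mode so the result does not depend on the remote umask.
        mode: "0644"

  always:
    - name: Start services after cert has been generated.
      service:
        name: "{{ item }}"
        state: started
      # letsencrypt_cert was registered before issuance, so this matches the
      # condition used when the services were stopped.
      when: not letsencrypt_cert.stat.exists or certbot_force
      # NOTE(review): start failures are ignored, so a web server that does not
      # come back up will not fail the play; monitor service state separately.
      ignore_errors: true
      with_items: "{{ certbot_create_standalone_stop_services }}"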