Рабочие роли вынесены на уровень вверх

ansible/roles/ssl-certificate/tasks/letsencrypt.yml

@@ -0,0 +1,32 @@
+---
+- name: Check required parameters.
+  fail:
+    msg: You must set up domain and email.
+  when: not cert_domains or not cert_email
+
+- name: Create letsencrypt web root directory.
+  file:
+    name: '{{ cert_le_webroot_path }}'
+    state: directory
+
+- name: Copy notes acme server config.
+  template:
+    src: vhost.conf.j2
+    dest: "/etc/nginx/sites-enabled/{{ cert_name }}_letsencrypt.conf"
+
+- name: Restart nginx.
+  service:
+    name: nginx
+    state: restarted
+
+- name: Configure Lest Encrypt certificate.
+  include_role:
+    name: thefinn93.ansible-letsencrypt
+    private: yes
+  vars:
+    letsencrypt_webroot_path: '{{ cert_le_webroot_path }}'
+    letsencrypt_email: '{{ cert_email }}'
+    letsencrypt_cert_domains: '{{ cert_domains }}'
+    letsencrypt_renewal_command_args: '--renew-hook "systemctl restart nginx"'
+    ssl_certificate: '{{ cert_certificate }}'
+    ssl_certificate_key: '{{ cert_key }}'