ansible-nginx/tasks/install/acme.yml

---

- name: STAT | Check acme.sh is installed
  ansible.builtin.stat:
    path: "{{ nginx_acmesh_dir }}"
  register: acme

- block:

    - name: APT | Install git
      ansible.builtin.apt:
        pkg: git

    - name: GIT | Get acme.sh
      ansible.builtin.git:
        repo: 'https://github.com/Neilpang/acme.sh.git'
        dest: '{{ nginx_acmesh_git_dir }}'
        update: false
        version: master

    - name: COMMAND | Install acme.sh
      ansible.builtin.command: ./acme.sh --install --home "{{ nginx_acmesh_dir }}"
      args:
        chdir: "{{ nginx_acmesh_git_dir }}"
        creates: "{{ nginx_acmesh_dir }}"

    - name: COMMAND | Force acme.sh to use letsencrypt (instead of zerossl)
      ansible.builtin.command: '{{ nginx_acmesh_dir }}/acme.sh --set-default-ca --server letsencrypt --home "{{ nginx_acmesh_dir }}"'

  when: not acme.stat.exists

- name: FILE | Remove temp acme.sh dir
  ansible.builtin.file:
    path: '{{ nginx_acmesh_git_dir }}'
    state: absent