--- - name: generate acme-client configuration ansible.builtin.template: src: acme-client.conf.j2 dest: "{{ acme_configuration_file }}" owner: 0 group: 0 mode: 0644 - name: retrieve enabled domains # noqa: no-changed-when ansible.builtin.shell: | set -o pipefail grep "^domain" /etc/acme-client.conf | cut -d " " -f 2 register: subdomains - name: generate acme certificates # noqa: no-changed-when ansible.builtin.command: acme-client -v {{ item }} loop: "{{ subdomains.stdout_lines }}" register: result failed_when: - result.rc != 0 - "'certificate valid' not in result.stderr" - name: display registered certificates ansible.builtin.debug: var: result - name: enable automatic acme certificates update ansible.builtin.cron: name: "automatic acme certificates update for subdomain : {{ item }}" minute: 0 hour: 6,18 job: "acme-client -v {{ item }} && rcctl reload relayd" loop: "{{ subdomains.stdout_lines }}"