From fa236fa0b6459dfc3b4aae69aa0a6330c41258b1 Mon Sep 17 00:00:00 2001
From: Erik Stambaugh
Date: Mon, 22 Jan 2024 19:25:52 -0800
Subject: [PATCH] Fix certbot playbook not running on fresh install
---
 ansible/roles/certbot/tasks/main.yaml | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/ansible/roles/certbot/tasks/main.yaml b/ansible/roles/certbot/tasks/main.yaml
index b094e8a..20168ac 100644
--- a/ansible/roles/certbot/tasks/main.yaml
+++ b/ansible/roles/certbot/tasks/main.yaml
@@ -48,20 +48,29 @@
 ssl_stapling_verify on;

 - name: create the dir for the cert if needed
- command: "docker exec -t certbot mkdir -p /etc/letsencrypt/live/{{domain_name}}/"
- args:
- creates: "/srv/certbot/etc/live/{{domain_name}}"
-
-- name: seed a fake cert if needed
- command: "docker exec -t certbot openssl req -nodes -new -x509 -subj '/CN=localhost' -out /etc/letsencrypt/live/{{domain_name}}/fullchain.pem -keyout /etc/letsencrypt/live/{{domain_name}}/privkey.pem"
- args:
- creates: "/srv/certbot/etc/live/{{domain_name}}/fullchain.pem"
+ file:
+ path: "/srv/certbot/etc/live/{{domain_name}}"
+ state: directory
+ recurse: true

 - name: launch certbot
 command: docker compose up -d
 args:
 chdir: /srv/certbot

+- name: seed a fake cert if needed
+ command: "docker exec -t certbot openssl req -nodes -new -x509 -subj '/CN=localhost' -out /etc/letsencrypt/live/{{domain_name}}/fullchain.pem -keyout /etc/letsencrypt/live/{{domain_name}}/privkey.pem"
+ args:
+ chdir: /srv/certbot
+ creates: "/srv/certbot/etc/live/{{domain_name}}/fullchain.pem"
+ register: mkcert
+
+- name: restart certbot
+ command: docker compose restart
+ args:
+ chdir: /srv/certbot
+ when: mkcert.changed
+
 - name: restart certbot
 command: docker compose restart
 args:
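Review bot: The new `file:` task under "create the dir for the cert if needed" creates `/srv/certbot/etc/live/{{domain_name}}` on the host with no `owner` or `mode`, so the directory that will hold `privkey.pem` (which the seed task writes unencrypted, via `-nodes`) gets whatever the umask allows. Certbot normally keeps its `live/` tree private, so if this task is what first creates the path on a fresh install, that restriction is presumably lost; an explicit `mode: "0700"` would restore it, assuming every reader of the certs runs as root. `recurse: true` is not needed for `state: directory` to create missing parents, and once a mode is set it would also apply that mode to the files underneath, so I would drop it. The pre-existing "restart certbot" task at the end of the hunk continues outside it; if it carries no `when:`, the newly added conditional restart just above it is redundant.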