---
- name: Create certbot user '{{ certbot_user }}'
  user:
    name: "{{ certbot_user }}"
  become: True
  become_user: root
  when: not certbot_user == 'root'

- name: Deploy certbot
  block:
    - name: Install certbot
      package:
        name: certbot
        state: present

    - name: Create certbot environment
      file:
        path: "{{ item.name }}"
        state: directory
        mode: "{{ item.mode }}"
      with_items: "{{ certbot_environment }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Deploy config file
      template:
        src: config/cli.ini.j2
        dest: "{{ certbot_config_dir }}/cli.ini"

    - name: Schedule certbot run
      cron:
        name: certbot - letsencrypt certs renewal
        minute: 55
        hour: 3
        user: "{{ certbot_user }}"
        job: >
          certbot
          --config-dir {{ certbot_config_dir }}
          --work-dir {{ certbot_work_dir }}
          --logs-dir {{ certbot_log_dir }}
          {{ certbot_command_arguments | join(' ') }}
        cron_file: "{{ certbot_cronfile | default(omit) }}"
      when: certbot_scheduler_enabled
  become: True
  become_user: "{{ certbot_user }}"