---
- name: Create certbot user '{{ certbot_user }}'
  user:
    name: "{{ certbot_user }}"
  become: True
  become_user: root
  when: not certbot_user == 'root'

- name: Deploy certbot
  block:
    - name: Install certbot
      package:
        name: certbot
        state: present

    - name: Create certbot environment
      file:
        path: "{{ item.name }}"
        state: directory
        mode: "{{ item.mode }}"
      with_items: "{{ certbot_environment }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Deploy config file
      template:
        src: config/cli.ini.j2
        dest: "{{ certbot_config_dir }}/cli.ini"

    - name: Schedule certbot run
      cron:
        name: certbot - letsencrypt certs renewal
        minute: 55
        hour: 3
        user: "{{ certbot_user }}"
        job: "certbot {{ certbot_command_arguments | join(" ") }}"
        cron_file: "{{ certbot_cronfile | default(omit) }}"
  become: True
  become_user: "{{ certbot_user }}"