# dh2048 - name: create dh2048 file command: openssl dhparam -out /etc/ssl/dh2048.pem 2048 args: creates: "/etc/ssl/dh2048.pem" # lets encrypt tiny - name: clone lets-encrypt-tiny git: dest: /var/lib/letsencrypt/lets-encrypt-tiny repo: 'https://git.ralfj.de/lets-encrypt-tiny.git' version: 1b15f25eb3f15859f0e0c8f584dcd423fc24a11c - name: obtain certificate command: /var/lib/letsencrypt/lets-encrypt-tiny/letsencrypt-tiny -c /var/lib/letsencrypt/live.conf init args: creates: "/etc/ssl/mycerts/letsencrypt/live.crt" - name: create lets-encrypt-tiny crontab entry cron: name: "lets-encrypt-tiny" hour: "7" minute: "42" job: "/var/lib/letsencrypt/lets-encrypt-tiny/letsencrypt-tiny -c /var/lib/letsencrypt/live.conf -k cron" - name: create certcheck crontab entry cron: name: "certcheck" hour: "9" minute: "42" job: "/var/lib/letsencrypt/lets-encrypt-tiny/certcheck /etc/ssl/mycerts/ -d 14"