Docker host and docker registry

roles/certbot/tasks/main.yml

@@ -0,0 +1,32 @@
+---
+# main task for installing Let's Encrypt's certbot tool
+# https://certbot.eff.org/#ubuntuxenial-other
+
+- name: install certbot on ubuntu 16.04
+  apt:
+    state: latest
+    package: "{{ item }}"
+    update_cache: yes
+    cache_valid_time: 3600
+  with_items:
+    - "letsencrypt"
+  when: ansible_os_family == "Debian"
+
+
+- name: create first certificates
+  command: "letsencrypt certonly --webroot -w /var/www/xai-corp.net -d {{ item }}"
+  args:
+    creates: /etc/letsencrypt/live/{{ item }}/cert.pem
+  with_items:
+    - xai-corp.net
+    - www.xai-corp.net
+    - dkregistry.xai-corp.net
+    - sql.xai-corp.net
+
+- name: cron job for renewing certs
+  cron:
+    name: renew let's encrypt certificates
+    state: present
+    user: root
+    day: "*/2"
+    job: "letsencrypt renew "