---
- name: Install certbot and RFC2136 plugin
  apt:
    update_cache: true
    name:
      - certbot
      - python3-certbot-dns-rfc2136
    state: present
  register: apt_result
  retries: 3
  until: apt_result is succeeded

- name: Lookup DNS masters IPv4
  set_fact:
    #dns_masters_ipv4: "{{ bind.masters | json_query('servers[].interface[?vlan_id==`2`].ipv4[]') }}"
    dns_masters_ipv4:
      - "185.230.79.9"
    cacheable: true

- name: Add DNS credentials
  template:
    src: letsencrypt/rfc2136.ini.j2
    dest: /etc/letsencrypt/rfc2136.ini
    mode: 0600
    owner: root

- name: Create /etc/letsencrypt/conf.d
  file:
    path: /etc/letsencrypt/conf.d
    state: directory

- name: Add Certbot configuration
  template:
    src: "letsencrypt/conf.d/certname.ini.j2"
    dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
    mode: 0644