Here's an example of letting ansible provision certificates and test challenges against a dns provider from the stage api and then rolling on to the production api when it's successful. This ensures you don't hit an api limit with LE and that dns and challenge funcationality is working properly.
Note the task file is being reused and vars:
are passed like a function signature.
flags
is used in the pull.sh and server
/quiet
are used in the cli.ini. There's a cron element not shown here which would use a renewal
script once the initial pull is issued by ansible.
# ansible-playbook -i inventory le.yaml --tags test-letsencrypt-challenge
---
- import_tasks: issue-certificates.yml
vars: