certbot and nginx working

ansible/roles/certbot/tasks/main.yaml

@@ -17,7 +17,7 @@
     state: present
     update_cache: true
 
-- name: Template out the dns config file
+- name: Template out the rfc2136 credentials file
   when: certbot_dns_plugin == 'rfc2136'
   ansible.builtin.template:
     src: "{{ certbot_dns_plugin }}.conf.j2"
@@ -26,24 +26,30 @@
     group: root
     mode: '0600'
 
-- name: Register certbot account
-  ansible.builtin.command:
-    argv:
-      - "certbot register"
-      - "--agree-tos"
-      - "--email {{ certbot_email }}"
-      - "--no-eff-email"
-    creates: /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/{{ certbot_email }}
+- name: Template out the certbot default config
+  ansible.builtin.template:
+    src: cli.ini.j2
+    dest: /etc/letsencrypt/cli.ini
+    owner: root
+    group: root
+    mode: '0644'
 
 - name: Request and install certificates
   ansible.builtin.command:
     argv:
-      - "certbot --nginx run -n"
-      - "--dns-{{ certbot_dns_plugin }}"
-      - "--dns-{{ certbot_dns_plugin }}-credentials /etc/letsencrypt/{{ certbot_dns_plugin }}.conf"
-      - "-d {{ item }}"
+      - certbot
+      - certonly
+      - -n
+      - --dns-{{ certbot_dns_plugin }}
+      - --dns-{{ certbot_dns_plugin }}-credentials
+      - /etc/letsencrypt/{{ certbot_dns_plugin }}.conf
+      - --dns-rfc2136-propagation-seconds
+      - "{{ certbot_rfc2136_propagation_seconds | default(5) }}"
+      - -d
+      - "{{ item }}"
     creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem
   loop: "{{ certbot_domains }}"
+  notify: "{{ certbot_notify }}"
 
 - name: Enable certbot renewal
   ansible.builtin.service: