certbot for dev

ansible/roles/certbot/tasks/main.yaml

@@ -26,6 +26,15 @@
     group: root
     mode: '0600'
 
+- name: Template out cloudflare credentials file
+  when: certbot_dns_plugin == 'cloudflare'
+  ansible.builtin.template:
+    src: "{{ certbot_dns_plugin }}.conf.j2"
+    dest: "/etc/letsencrypt/{{ certbot_dns_plugin }}.conf"
+    owner: root
+    group: root
+    mode: '0600'
+
 - name: Template out the certbot default config
   ansible.builtin.template:
     src: cli.ini.j2
@@ -43,8 +52,8 @@
       - --dns-{{ certbot_dns_plugin }}
       - --dns-{{ certbot_dns_plugin }}-credentials
       - /etc/letsencrypt/{{ certbot_dns_plugin }}.conf
-      - --dns-rfc2136-propagation-seconds
-      - "{{ certbot_rfc2136_propagation_seconds | default(5) }}"
+      - --dns-{{ certbot_dns_plugin }}-propagation-seconds
+      - "{{ certbot_dns_propagation_seconds | default(10) }}"
       - -d
       - "{{ item }}"
     creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem

ansible/roles/certbot/templates/cloudflare.conf.j2

@@ -0,0 +1 @@
+dns_cloudflare_api_token = {{ certbot_cloudflare_api_token }}