chore: lots of changes

ansible/roles/webserver/tasks/main.yml

@@ -0,0 +1,50 @@
+- name: Certbot + Plugin installieren
+  apt:
+    name:
+      - certbot
+      - python3-certbot-nginx
+    state: present
+    update_cache: yes
+  when: letsencrypt_enabled
+
+- name: Challenge-Verzeichnis für Let's Encrypt anlegen
+  file:
+    path: "{{ app_public }}/.well-known/acme-challenge"
+    state: directory
+    owner: www-data
+    group: www-data
+    mode: '0755'
+    recurse: yes
+  when: letsencrypt_enabled and letsencrypt_certbot_method == 'webroot'
+
+- name: Stoppe Nginx für Standalone-Methode
+  service:
+    name: nginx
+    state: stopped
+  when: letsencrypt_enabled and letsencrypt_certbot_method == 'standalone'
+
+- name: Let's Encrypt Zertifikat anfordern (Standalone)
+  command: >
+    certbot certonly --standalone -n --agree-tos
+    -m {{ app_email }}
+    -d {{ app_domain }}
+  args:
+    creates: /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem
+  when: letsencrypt_enabled and letsencrypt_certbot_method == 'standalone'
+
+- name: Let's Encrypt Zertifikat anfordern (Webroot)
+  command: >
+    certbot certonly --webroot -w {{ app_public }} -n --agree-tos
+    -m {{ app_email }}
+    -d {{ app_domain }}
+  args:
+    creates: /etc/letsencrypt/live/{{ app_domain }}/fullchain.pem
+  when: letsencrypt_enabled and letsencrypt_certbot_method == 'webroot'
+
+- name: Kopiere SSL-Zertifikate für Docker
+  copy:
+    src: "/etc/letsencrypt/live/{{ app_domain }}/"
+    dest: "{{ app_root }}/ssl/"
+    remote_src: yes
+    mode: '0644'
+  when: letsencrypt_enabled