From 34d30d68f1189be59ed85e6b51cfc8ead0948f3f Mon Sep 17 00:00:00 2001
From: VC <veretcle+framagit@mateu.be>
Date: Fri, 5 Jul 2024 11:53:40 +0200
Subject: [PATCH] feat: ensure letsencrypt is always selected

---
 roles/x509/tasks/main.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/roles/x509/tasks/main.yml b/roles/x509/tasks/main.yml
index b58e9e8..d9742b3 100644
--- a/roles/x509/tasks/main.yml
+++ b/roles/x509/tasks/main.yml
@@ -7,3 +7,8 @@
       curl https://get.acme.sh | INSTALLONLINE=1 LE_WORKING_DIR=/etc/x509 sh  # noqa: command-instead-of-module
     executable: /bin/bash
     creates: /etc/x509
+
+- name: Set default CA
+  ansible.builtin.command: /etc/x509/acme.sh --set-default-ca  --server  letsencrypt
+  register: acme_output
+  changed_when: acme_output.rc != 0