From 502e0188ed2c5e58bebe30efec227079f2ec9b4b Mon Sep 17 00:00:00 2001
From: Jonathan DeMasi <me@jthan.io>
Date: Fri, 6 Feb 2026 21:45:55 -0700
Subject: [PATCH] I refactored the lego stuff before and did not fix this

---
 ansible/roles/nginx/tasks/main.yaml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/ansible/roles/nginx/tasks/main.yaml b/ansible/roles/nginx/tasks/main.yaml
index 85fcd4b..9b3bda3 100644
--- a/ansible/roles/nginx/tasks/main.yaml
+++ b/ansible/roles/nginx/tasks/main.yaml
@@ -32,6 +32,27 @@
   notify: Restart nginx
   when: nginx_ssl_enabled
 
+- name: Copy SSL certificate into place for SSL enabled nginx server
+  copy:
+    src: /root/.lego/certificates/{{ inventory_hostname }}.crt
+    dest: /etc/nginx/ssl/{{ inventory_hostname }}.crt
+    owner: nginx
+    group: nginx
+    mode: 0600
+    remote_src: true
+  when: nginx_ssl_enabled
+
+- name: Copy SSL key into place for SSL enabled nginx server
+  copy:
+    src: /root/.lego/certificates/{{ inventory_hostname }}.key
+    dest: /etc/nginx/ssl/{{ inventory_hostname }}.key
+    owner: nginx
+    group: nginx
+    mode: 0600
+    remote_src: true
+  when: nginx_ssl_enabled
+
+
 - name: Create web root
   file:
     path: /srv/http/{{ inventory_hostname }}/html