diff --git a/ansible/roles/lego/defaults/main.yaml b/ansible/roles/lego/defaults/main.yaml
new file mode 100644
index 0000000..8ea650d
--- /dev/null
+++ b/ansible/roles/lego/defaults/main.yaml
@@ -0,0 +1 @@
+lego_method: dns
diff --git a/ansible/roles/lego/tasks/generate_cert.yaml b/ansible/roles/lego/tasks/generate_cert.yaml
index 4eb64b2..3f4ca70 100644
--- a/ansible/roles/lego/tasks/generate_cert.yaml
+++ b/ansible/roles/lego/tasks/generate_cert.yaml
@@ -1,12 +1,9 @@
-- name: Gather package facts
- ansible.builtin.package_facts:
- manager: auto
-
 - name: Generate initial cert (http)
 command:
 cmd: /usr/local/bin/lego -a --email="{{ letsencrypt_email }}" --domains="{{ inventory_hostname | default(cert_domain) }}" --key-type {{ cert_key_type | default('rsa4096') }} --http run
 chdir: /root
 creates: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.crt"
+ when: lego_method == 'http'
 
 - name: Generate initial cert (dns)
 command:
@@ -17,3 +14,4 @@
 LINODE_POLLING_INTERVAL: 120
 LINODE_PROPAGATION_TIMEOUT: 600
 LINODE_TOKEN: {{ linode_dns_token }}
+ when: lego_method == 'dns'
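Review bot: The new default `lego_method: dns` carries no comment, so a reader of defaults/main.yaml cannot tell which values the role accepts or what each one depends on. Going by the task file in this same commit, the accepted values appear to be `http` and `dns`, and the dns task reads `linode_dns_token`. I would add a comment above the variable such as `# ACME challenge type: 'http' or 'dns' (dns requires linode_dns_token)`. Because the default selects the dns path, a host that does not define `linode_dns_token` will presumably fail when that task is templated, which is worth stating in the same comment.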
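Review bot: Nothing rejects a `lego_method` value other than `http` or `dns`. With the added `when: lego_method == 'http'` here and the matching `when: lego_method == 'dns'` in the next hunk, a typo or a different case such as `DNS` skips both tasks, and the play carries on with no certificate issued. An `ansible.builtin.assert` ahead of the first task turns that silent skip into an explicit failure. The dns task that begins at the end of this hunk continues outside it.

```yaml
- name: Validate lego_method
  ansible.builtin.assert:
    that:
      - lego_method in ['http', 'dns']
    fail_msg: "lego_method must be 'http' or 'dns'"

- name: Generate initial cert (http)
  # … unchanged: command, chdir, creates, when …
```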
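Review bot: `LINODE_TOKEN: {{ linode_dns_token }}`, on the unchanged line just above the added `when`, is an unquoted template at the start of a YAML value. A YAML parser reads that as a flow mapping rather than a string, so as shown the file would be expected to fail to load instead of passing the token to lego. Since `lego_method` now defaults to `dns`, this is the task every host runs unless it overrides the variable, so it is worth fixing in the same change: `LINODE_TOKEN: "{{ linode_dns_token }}"`. The task starts outside this hunk, so I am assuming these keys sit under its `environment:` block.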