We can use a command-line tool offered by Let's Encrypt to get free SSL/TLS certificates in an open, automated manner. 

The tool is capable of reading and understanding an nginx virtual host file and generating the relevant certificates completely automatically, without any kind of manual intervention:

- name: adding certbot ppa  apt_repository:    repo: "ppa:certbot/certbot"- name: install certbot  apt:    name: "{{ item }}"    update_cache: yes    state: present  with_items:    - python-certbot-nginx- name: check if we have generated a cert already  stat:    path: "/etc/letsencrypt/live/{{ website_domain_name }}/fullchain.pem"  register: cert_stats- name: run certbot to generate the certificates  shell: "certbot certonly --standalone ...