Add snakeoil certs

meta/main.yml

@@ -1,4 +1,5 @@
 galaxy_info:
   role_name: nginx
 
-dependencies: []
+dependencies: 
+  - ssl-snakeoil

tasks/main.yml

@@ -1,4 +1,5 @@
 - name: Install packages.
+  become: true
   tags: nginx
   ansible.builtin.package:
     state: present
@@ -7,11 +8,19 @@
   register: nginx_installed
 
 - name: Backup default nginx config
+  become: true
   command: mv /etc/nginx /etc/nginx.orig
   when: nginx_installed.changed == true
   register: nginx_original_config_backup
     
+- name: Add ssl-cert group to www-data
+  become: true
+  command: usermod -a -G ssl-cert www-data
+  when: nginx_installed.changed == true
+  register: nginx_group_added
+
 - name: Clone h5bp nginx config.
+  become: true
   tags: nginx
   ansible.builtin.git:
     repo: https://github.com/h5bp/server-configs-nginx
@@ -21,10 +30,17 @@
   when: nginx_original_config_backup.changed == true
 
 - name: Copy default fastcgi_params back to h5bp nginx config.
+  become: true
   command: cp /etc/nginx.orig/fastcgi_params /etc/nginx
   when: nginx_original_config_backup.changed == true
 
+- name: Copy default snakeoil.conf back to h5bp nginx config.
+  become: true
+  command: cp /etc/nginx.orig/snippets/snakeoil.conf /etc/nginx
+  when: nginx_original_config_backup.changed == true
+
 - name: Remove default nginx directory.
+  become: true
   tags: nginx
   ansible.builtin.file:
     path: /etc/nginx.orig