From cbe5e095e8537565a2a49f57ddec4a39c32a93cb Mon Sep 17 00:00:00 2001
From: Lucas <116588+hairmare@users.noreply.github.com>
Date: Wed, 18 Dec 2024 17:09:50 +0100
Subject: [PATCH] fix: only run commands when they are needed (#10)

---
 roles/certbot/tasks/main.yml | 26 +++++++++++++++++++++-----
 roles/certbot/tests/test.yml |  3 ++-
 2 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml
index 598622d..f57463a 100644
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -37,14 +37,30 @@
   ansible.builtin.lineinfile:
     path: "{{ certbot_certbot_sysconfig_path }}"
     regexp: "^DEPLOY_HOOK="
-    line: DEPLOY_HOOK="--deploy-hook /usr/local/libexec/cert_sync.sh"
+    line: DEPLOY_HOOK="--deploy-hook {{ certbot_certsync_script_path }}"
 
 - name: Add certificates to certbot
-  ansible.builtin.command: "{{ certbot_certbot_binary_path }} certonly \
-    --standalone \
-    --deploy-hook '/usr/local/libexec/cert_sync.sh'
-    --domains {{ item }}"
+  ansible.builtin.command:
+    argv:
+      - "{{ certbot_certbot_binary_path }}"
+      - certonly
+      - --standalone
+      - --deploy-hook
+      - "{{ certbot_certsync_script_path }}"
+      - --domains={{ item }}
+    creates: "{{ certbot_certificates_src }}/{{ item }}/cert.pem"
+  register: _certbot_certbot_certonly
+  changed_when: _certbot_certbot_certonly.rc
   loop: "{{ certbot_certificates }}"
 
+- name: Check ACME Account
+  ansible.builtin.command: "{{ certbot_certbot_binary_path }} show_account"
+  register: _certbot_certbot_show_account
+  changed_when: false
+  check_mode: false
+
 - name: Update ACME account
   ansible.builtin.command: "{{ certbot_certbot_binary_path }} update_account"
+  when: certbot_acme_account_mail not in _certbot_certbot_show_account.stdout
+  register: _certbot_certbot_update_account
+  changed_when: _certbot_certbot_update_account.rc
diff --git a/roles/certbot/tests/test.yml b/roles/certbot/tests/test.yml
index d9df338..d6b4ac9 100644
--- a/roles/certbot/tests/test.yml
+++ b/roles/certbot/tests/test.yml
@@ -1,5 +1,6 @@
 ---
-- hosts: localhost
+- name: Test certbot role
+  hosts: localhost
   remote_user: root
   roles:
     - certbot