add valid cert to internal communication

roles/webserver/tasks/main.yaml

@@ -20,6 +20,19 @@
     state: restarted
     enabled: yes
 
+- name: Generate certificate for all server instances
+  command:
+    cmd: certbot certonly --non-interactive --agree-tos -m tormakristof@tormakristof.eu --nginx -d {{item.domain}}
+  with_items: "{{ webserver }}"
+
+- name: "Generate certbot script"
+  ansible.builtin.template:
+    src: certbot.sh
+    dest: /etc/cron.weekly/certbot
+    owner: root
+    group: root
+    mode: '0700'
+
 - name: "Generate nginx configuration"
   ansible.builtin.template:
     src: nginx.conf