- block: 
  - name: Install the socat utility, needed when using the http protocols to request the certificates
    yum: pkg=socat state=present

  - name: Install the git client if we are installing using git
    yum: pkg=git state=present
    when: letsencrypt_acme_sh_git_install

  - name: Activate the firewalld rule for the http, if we require certificates using the http protocol
    firewalld: service=http zone={{ firewalld_default_zone }} permanent=True state=enabled immediate=True
    with_items: '{{ letsencrypt_acme_sh_domains }}'
    when:
      - item.standalone is defined
      - firewalld_enabled is defined and firewalld_enabled
      - letsencrypt_firewalld_http_enabled_on_default_zone

  - name: Custom firewalld rule for http
    firewalld: service={{ item.service}} zone={{ item.zone }} permanent={{ item.permanent | default(True) }} state={{ item.state }} immediate=True
    with_items: '{{ letsencrypt_firewalld_services }}'
    when:
      - firewalld_enabled is defined and firewalld_enabled
      - not letsencrypt_firewalld_http_enabled_on_default_zone

  tags: [ 'letsencrypt', 'letsencrypt_acme_sh' ]