ansible-role-os-bootstrap/tasks/pki_dir.yml

---
- name: pki_dir | Manage the PKI directory
  tags: [pki, ssl, ca, letsencrypt, tls, tls_certificate]
  block:
    - name: pki_dir | Ensure that the PKI directory exists
      ansible.builtin.file:
        path: "{{ pki_dir }}"
        state: directory
        owner: root
        group: root
        mode: "0755"

    - name: pki_dir | Ensure that the PKI subdirectories exist
      ansible.builtin.file:
        path: "{{ pki_dir }}/{{ item }}"
        state: directory
        owner: root
        group: root
        mode: "0755"
      loop: "{{ pki_subdirs }}"