From 3858d3bc1d7f09f7d57782a25ff1e7b00944e6ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adolfo=20Ochagav=C3=ADa?= <github@adolfo.ochagavia.nl>
Date: Tue, 12 Dec 2023 10:40:06 +0100
Subject: [PATCH] ansible: run certificate renewal cronjob as root

Otherwise the job will be properly registered, but every run will fail
due to lack of permissions.
---
 ansible/roles/nginx/tasks/main.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ansible/roles/nginx/tasks/main.yml b/ansible/roles/nginx/tasks/main.yml
index 7edbf2d..3cc90fc 100644
--- a/ansible/roles/nginx/tasks/main.yml
+++ b/ansible/roles/nginx/tasks/main.yml
@@ -38,6 +38,8 @@
     state: reloaded
     enabled: true
 - name: Setup cronjob for certificate renewal
+  become: true
+  become_user: root
   ansible.builtin.cron:
     name: certbot-renewal
     job: /bin/bash -lc 'certbot -q renew'