node_exporter now installs in includable config for the fqdn domain of the host

roles/service-node_exporter/tasks/main.yml

@@ -35,24 +35,6 @@
 - name: Ensure node_exporter nginx config is up to date
   template:
     src: node_exporter_nginx.j2
-    dest: /etc/nginx/sites-available/node_exporter.conf
+    dest: "/etc/nginx/site-include/{{ ansible_fqdn }}/node_exporter.conf"
   notify: Reload nginx
 
-- stat:
-    path: "/var/lib/acme/live/{{ ansible_fqdn }}/privkey"
-  become: yes
-  register: gogs_key_file_stat
-
-- name: Let acmetool generate a key and a certificate
-  become: yes
-  when: not gogs_key_file_stat.stat.exists
-  shell: /usr/bin/acmetool want --batch {{ ansible_fqdn }}
-  notify: Restart nginx
-
-- name: Ensure unsecure node_exporter configuration for nginx is enabled
-  become: yes
-  file: 
-    state: link
-    dest: /etc/nginx/sites-enabled/node_exporter.conf
-    src: /etc/nginx/sites-available/node_exporter.conf 
-  notify: Reload nginx

roles/service-node_exporter/templates/node_exporter_nginx.j2

@@ -1,26 +1,15 @@
-server {
-  listen          443 ssl http2;
-  listen          [::]:443 ssl http2;
-  server_name     {{ ansible_fqdn }};
 
-  include /etc/nginx/ssl.conf;
 
-  ssl_certificate /var/lib/acme/live/{{ ansible_fqdn }}/fullchain;
-  ssl_certificate_key /var/lib/acme/live/{{ ansible_fqdn }}/privkey;
-
-  access_log off;
-
-  location /metrics {
-    if ($http_authorization != 'Bearer {{ node_exporter_authorization_token }}') {
-      return 403;
-    }
-    proxy_http_version      1.1;
-    proxy_set_header        Host $host;
-    proxy_set_header        X-Real-IP $remote_addr;
-    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header        X-Forwarded-Proto $scheme;
-
-    proxy_pass              http://localhost:9100;
-    proxy_redirect          off;
+location /metrics {
+  if ($http_authorization != 'Bearer {{ node_exporter_authorization_token }}') {
+    return 403;
   }
-}
+  proxy_http_version      1.1;
+  proxy_set_header        Host $host;
+  proxy_set_header        X-Real-IP $remote_addr;
+  proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+  proxy_set_header        X-Forwarded-Proto $scheme;
+
+  proxy_pass              http://localhost:9100;
+  proxy_redirect          off;
+}