A default config for acmetool is now added

roles/service-nginx/tasks/acmetool.yml

@@ -10,6 +10,11 @@
 - name: ensure acmetool is installed
   apt: name=acmetool install_recommends=no
 
+- name: Ensure acmetool config is up to date
+  template: 
+    src: acme_config.j2
+    dest: /var/lib/acme/conf/target
+
 - name: Ensure acmetool cronjob is installed
   cron:
     name: "Renew Let's Encrypt certificates"

roles/service-nginx/templates/acme_config.j2

@@ -0,0 +1,5 @@
+request:
+  provider: https://acme-v01.api.letsencrypt.org/directory
+  key:
+    type: rsa
+    rsa-size: 4096