
added vhost option 'ssl' to create self-signed ssl certificates

Fabian Peter Hammerle 8 年之前
父節點
當前提交
afdd602089
共有 2 個文件被更改,包括 21 次插入1 次删除
  1. 11 0
      tasks/vhosts.yml
  2. 10 1
      templates/vhosts.j2

+ 11 - 0
tasks/vhosts.yml

@@ -12,6 +12,17 @@
     state: directory
   notify: reload nginx
 
+- name: Create self-signed ssl certificates.
+  x509_certificate:
+    key_path: '/etc/ssl/private/{{vhost.server_name}}.key'
+    cert_path: '/etc/ssl/certs/{{vhost.server_name}}.pem'
+    common_name: '{{vhost.server_name}}'
+  when: vhost.ssl | default(false)
+  loop_control:
+    loop_var: vhost
+  with_items: '{{nginx_vhosts|default([])}}'
+  register: vhosts_x509
+
 - name: Add managed vhost config file (if any vhosts are configured).
   template:
     src: vhosts.j2
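Review bot: `vhost.server_name` is interpolated into `key_path`, `cert_path` and `common_name` with no check that it is set or is a single plain hostname, although templates/vhosts.j2 treats it as optional (`{% if vhost.server_name is defined %}`). A vhost with `ssl: true` and no `server_name` fails here with an undefined-variable error, and a value holding several names, a wildcard or a `/` ends up in the file path. I would put an `assert` task before this one with `that: vhost.server_name is defined` for each ssl vhost, so the failure is explicit. The task also leaves the private key's owner and mode to the `x509_certificate` module, whose options are not visible on this page; if it does not restrict them, follow it with a `file` task setting `mode: '0600'` on the key. The following "Add managed vhost config file" task continues outside the hunk.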

+ 10 - 1
templates/vhosts.j2

@@ -1,6 +1,15 @@
-{% for vhost in nginx_vhosts %}
+{% for x509 in vhosts_x509.results %}
+
+{%- set vhost = x509.vhost -%}
+
 server {
+{% if vhost.ssl is defined and vhost.ssl %}
+    listen {{ vhost.listen | default('443') }} ssl;
+    ssl_certificate "{{ x509.cert_path }}";
+    ssl_certificate_key "{{ x509.key_path }}";
+{% else %}
     listen {{ vhost.listen | default('80 default_server') }};
+{% endif %}
 
 {% if vhost.server_name is defined %}
     server_name {{ vhost.server_name }};
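Review bot: Looping over `vhosts_x509.results` makes the rendered config depend on the certificate task having run in the same play and on the module returning `cert_path` and `key_path`; running the template task on its own (for example by tag) would presumably leave `vhosts_x509` undefined. Keeping `{% for vhost in nginx_vhosts %}` and deriving the paths from the vhost, e.g. `ssl_certificate "/etc/ssl/certs/{{ vhost.server_name }}.pem";`, removes that coupling. The ssl branch also sets only the certificate and key, so protocol and cipher selection fall to the installed nginx's defaults; exposing `ssl_protocols` through a role variable would make the choice explicit. With `ssl` set, the vhost no longer listens on port 80 and nothing here redirects plain HTTP, which may be intended but deserves a comment. The `for` loop and the `server` block continue past the end of the hunk.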