add le config

main.yml

@@ -2,9 +2,26 @@
 
 - hosts: all
   vars:
+   nftables_tcp_dports: "22, 80, 443"
+   nginx_letsencrypt_email: "le@hazardous.org"
+   nginx_hosts: [
+   {
+      default: true,
+      domain_name: "globaleaks-host.hazardous.org",
+      reverse_hosts: [
+        {
+          protocol: "http",
+          path: "/",
+          host: "127.0.0.1",
+          port: "8443"
+        }
+      ]
+    }
+  ]
   roles:
    - ansible-debian-nftables 
    - ansible-debian-baseline
    - ansible-debian-ntp
    - ansible-podman-host
    - ansible-globaleaks-podman
+   - ansible-nginx-letsencrypt