Optimized READMEs

roles/nginx-docker-cert-deploy/CONFIGURATION.md

@@ -0,0 +1,19 @@
+# Configuration Options 📋
+
+## One Wildcard Certificate for All Subdomains
+
+By default, each subdomain gets its own certificate. You can **enable a wildcard certificate** by setting:
+
+```yaml
+enable_wildcard_certificate: true
+```
+
+## Pros & Cons of a Wildcard Certificate
+### Pros
+- ✅ **Improves performance** by reducing TLS handshakes.  
+- ✅ **Simplifies certificate management** (one cert for all subdomains).  
+### Cons
+- ⚠ **Requires manual DNS challenge setup** for Let's Encrypt.  
+- ⚠ **Needs additional configuration for automation** (see below).  
+
+If enabled, update your inventory file and follow the **[manual wildcard certificate setup](SETUP.md)**.

roles/nginx-docker-cert-deploy/README.md

@@ -17,25 +17,6 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in
 
 ---
 
-## 📋 **Configuration Options**
-
-### 🔹 **One Wildcard Certificate for All Subdomains**
-By default, each subdomain gets its own certificate. You can **enable a wildcard certificate** by setting:
-
-```yaml
-enable_wildcard_certificate: true
-```
-
-📌 **Pros & Cons of a Wildcard Certificate:**
-✅ **Improves performance** by reducing TLS handshakes.  
-✅ **Simplifies certificate management** (one cert for all subdomains).  
-⚠ **Requires manual DNS challenge setup** for Let's Encrypt.  
-⚠ **Needs additional configuration for automation** (see below).  
-
-If enabled, update your inventory file and follow the **manual wildcard certificate setup** below.
-
----
-
 ## 🔧 **Tasks Overview**
 
 ### **1️⃣ Main Tasks**
@@ -57,64 +38,6 @@ If enabled, update your inventory file and follow the **manual wildcard certific
 
 ---
 
-## **🔐 Wildcard Certificate Setup with Let's Encrypt**
-If you enabled `enable_wildcard_certificate`, follow these steps to manually request a **wildcard certificate**.
-
-### **1️⃣ Run the Certbot Command 🖥️**
-```sh
-certbot certonly --manual --preferred-challenges=dns --agree-tos \
---email administrator@primary_domain -d primary_domain -d "*.primary_domain"
-```
-
-### **2️⃣ Add DNS TXT Record for Validation 📜**
-Certbot will prompt you to add a DNS TXT record:
-```
-Please create a TXT record under the name:
-_acme-challenge.primary_domain.
-
-with the following value:
-9oVizYIYVGlZ3VtWQIKRS5UghyXiqGoUNlCtIE7LiA
-```
-➡ **Go to your DNS provider** and create a new **TXT record**:  
-   - **Host:** `_acme-challenge.primary_domain`  
-   - **Value:** `"9oVizYIYVGlZ3VtWQIKRS5UghyXiqGoUNlCtIE7LiA"`  
-   - **TTL:** Set to **300 seconds (or lowest possible)**  
-
-✅ **Verify the DNS record** before continuing:  
-```sh
-dig TXT _acme-challenge.primary_domain @8.8.8.8
-```
-
-### **3️⃣ Complete the Certificate Request ✅**
-Once the DNS changes have propagated, **press Enter** in the Certbot terminal.  
-If successful, Certbot will save the certificates under:  
-```
-/etc/letsencrypt/live/primary_domain/
-```
-- **fullchain.pem** → The certificate  
-- **privkey.pem** → The private key  
-
----
-
-## **📂 File & Directory Structure**
-```sh
-roles/nginx-docker-cert-deploy/
-├── files/
-│   ├── nginx-docker-cert-deploy.sh  # Deployment script
-├── handlers/
-│   ├── main.yml  # Restart Nginx handler
-├── meta/
-│   ├── main.yml  # Dependencies
-├── tasks/
-│   ├── main.yml  # Main Ansible tasks
-├── templates/
-│   ├── nginx-docker-cert-deploy.service.j2  # Systemd service template
-├── vars/
-│   ├── main.yml  # Variable definitions
-```
-
----
-
 ## **🔧 Deploying Certificates into Docker Containers**
 The role **automates copying certificates** into Docker Compose setups.
 
@@ -129,20 +52,6 @@ This script:
 sh nginx-docker-cert-deploy.sh primary_domain /path/to/docker/compose
 ```
 
-### **2️⃣ Systemd Service & Timer**
-The role includes a **`systemd` service** that runs the deployment script whenever certificates are updated.
-
-Example `nginx-docker-cert-deploy.service.j2`:
-```ini
-[Unit]
-Description=Let's Encrypt deploy to {{docker_compose.directories.instance}}
-OnFailure=systemd-notifier.cymais@%n.service
-
-[Service]
-Type=oneshot
-ExecStart=/usr/bin/bash {{path_administrator_scripts}}/nginx-docker-cert-deploy.sh {{primary_domain}} {{docker_compose.directories.instance}}
-```
-
 ---
 
 ## 🎯 **Summary**

roles/nginx-docker-cert-deploy/SETUP.md

@@ -0,0 +1,36 @@
+## **🔐 Wildcard Certificate Setup with Let's Encrypt**
+If you enabled `enable_wildcard_certificate`, follow these steps to manually request a **wildcard certificate**.
+
+### **1️⃣ Run the Certbot Command 🖥️**
+```sh
+certbot certonly --manual --preferred-challenges=dns --agree-tos \
+--email administrator@primary_domain -d primary_domain -d "*.primary_domain"
+```
+
+### **2️⃣ Add DNS TXT Record for Validation 📜**
+Certbot will prompt you to add a DNS TXT record:
+```
+Please create a TXT record under the name:
+_acme-challenge.primary_domain.
+
+with the following value:
+9oVizYIYVGlZ3VtWQIKRS5UghyXiqGoUNlCtIE7LiA
+```
+➡ **Go to your DNS provider** and create a new **TXT record**:  
+   - **Host:** `_acme-challenge.primary_domain`  
+   - **Value:** `"9oVizYIYVGlZ3VtWQIKRS5UghyXiqGoUNlCtIE7LiA"`  
+   - **TTL:** Set to **300 seconds (or lowest possible)**  
+
+✅ **Verify the DNS record** before continuing:  
+```sh
+dig TXT _acme-challenge.primary_domain @8.8.8.8
+```
+
+### **3️⃣ Complete the Certificate Request ✅**
+Once the DNS changes have propagated, **press Enter** in the Certbot terminal.  
+If successful, Certbot will save the certificates under:  
+```
+/etc/letsencrypt/live/primary_domain/
+```
+- **fullchain.pem** → The certificate  
+- **privkey.pem** → The private key