From 49aafaf5b8284cd085af5a4572505cebfa1a2ffb Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Tue, 4 Feb 2025 11:01:00 +0100
Subject: [PATCH] Solved redirect bug

---
 tasks/recieve-certbot-certificate.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/tasks/recieve-certbot-certificate.yml b/tasks/recieve-certbot-certificate.yml
index 001f2f58..bf70b1b5 100644
--- a/tasks/recieve-certbot-certificate.yml
+++ b/tasks/recieve-certbot-certificate.yml
@@ -4,9 +4,8 @@
     --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ domain }}
     {{ '--test-cert' if mode_test | bool else '' }}
   when: 
-    - not enable_wildcard_certificate | bool  
+    - not enable_wildcard_certificate | bool or not (domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain))
       # Wildcard certificate should not be used
-    - not (domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain))
       # OR: The domain is not a first-level subdomain of the primary domain
 
 - name: "recieve wildcard certificate for *{{ primary_domain }}"
@@ -21,6 +20,8 @@
       # AND: The domain is a direct first-level subdomain of the primary domain
     - run_once_recieve_certificate is not defined  
       # Ensure this task runs only once for the wildcard certificate
+    - domain == primary_domain  
+      # The domain is the primary domain
 
 - name: "Cleanup dedicated cert for {{ domain }}"
   command: >-