Add functionality by copy-pasting pre-generated certs to vm and update README.md

This commit includes the pre-generated certs in the files/certs
directory. README.md was thoroughly updated to include an example of
using certbot with this role and how to import the root.crt to Firefox.

tasks/main.yml

@@ -18,8 +18,31 @@
     owner: root
     group: root
     mode: '0644'
-  notify: Restart Caddy
 
+- name: Ensure Caddy authorities directory exists
+  ansible.builtin.file:
+    path: /var/lib/caddy/.local/share/caddy/pki/authorities/local
+    state: directory
+    owner: caddy
+    group: caddy
+    mode: '0700'
+    become: yes
+
+# Copy the pre-generated certs from files/certs folder to Caddy, 
+# so that you only need to import the root.crt once for all .local domains
+- name: Deploy Caddy root certificates
+  vars:
+    cert_list: "{{ lookup('fileglob', role_path + '/files/certs/*', wantlist=True) | map('basename') | list }}"
+  ansible.builtin.copy:
+    src: "certs/{{ item }}"
+    dest: "{{ caddy_authorities_path }}/{{ item }}"
+    owner: caddy
+    group: caddy
+    mode: '0600'
+    force: yes
+
+  loop: "{{ cert_list }}"
+  become: yes
 - name: Ensure Caddy root directory exists
   ansible.builtin.file:
     path: "{{ caddy_root }}"
@@ -34,9 +57,17 @@
     state: started
     enabled: true
 
+- name: Restart Caddy
+  become: yes
+  ansible.builtin.service:
+    name: "{{ caddy_service_name }}"
+    state: restarted
+
+# By default don't trust as its not usually needed
 - name: Trust Caddy local CA
   copy:
     src: /var/lib/caddy/.local/share/caddy/pki/authorities/local/root.crt
     dest: /usr/local/share/ca-certificates/caddy-local.crt
     remote_src: yes
-  notify: Update CA trust
+  notify: Update CA trust
+  when: caddy_trust_local_ca | default(false) | bool