1 files changed, 14 insertions, 6 deletions

diff --git a/playbook.yaml b/playbook.yaml
index 8c53a57..48b482a 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -28,19 +28,27 @@
       - WWW
       - XMPP
      become: true
-   - name: Ensure port 5000/tcp is open for XEP-0065
+   - name: Ensure tcp ports are open for other XEPs
      community.general.ufw:
       rule: allow
-      port: 5000
+      port: "{{ item }}"
       proto: tcp
       state: enabled
+     loop:
+      - 5000  # XEP-0065
+      - 5280  # XEP-0363
+      - 5281  # XEP-0363
      become: true
-   - name: Ensure port 5000/udp is open for XEP-0065
+   - name: Ensure udp ports are open for other XEPs
      community.general.ufw:
       rule: allow
-      port: 5000
+      port: "{{ item }}"
       proto: udp
       state: enabled
+     loop:
+      - 5000  # XEP-0065
+      - 5280  # XEP-0363
+      - 5281  # XEP-0363
      become: true
    - name: Ensure certbot on-renew hook is installed
      ansible.builtin.copy:
@@ -53,8 +61,8 @@
    - name: Ensure certificates are installed
      ansible.builtin.command: >-
       certbot --non-interactive --agree-tos --post-hook "/bin/true"
-      --email {{ certbot_email }} --no-eff-email --apache
-      --domains {{ virtual_host }}
+      --email {{ certbot_email }} --no-eff-email --expand --apache --keep
+      --domains {{ virtual_host }},upload.{{ virtual_host }}
      become: true
      register: certbot
      changed_when: "'Running post-hook command' in certbot.stdout"