Fix all 300+ ansible-lint-reported errors

roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt_obtain_for_domain.yml

@@ -51,6 +51,7 @@
     --agree-tos
     --email={{ matrix_ssl_lets_encrypt_support_email }}
     -d {{ domain_name }}
+  changed_when: true
   when: domain_name_needs_cert | bool
   register: result_certbot_direct
   ignore_errors: true
@@ -81,6 +82,7 @@
     --agree-tos
     --email={{ matrix_ssl_lets_encrypt_support_email }}
     -d {{ domain_name }}
+  changed_when: true
   when: "domain_name_needs_cert and result_certbot_direct.failed"
   register: result_certbot_proxy
   ignore_errors: true

roles/custom/matrix-nginx-proxy/tasks/ssl/setup_ssl_self_signed_obtain_for_domain.yml

@@ -28,16 +28,19 @@
 #
 # We'll do it in a more manual way.
 - name: Generate SSL certificate
-  ansible.builtin.command: |
-    openssl req -x509 \
-    -sha256 \
-    -newkey rsa:4096 \
-    -nodes \
-    -subj "/CN={{ domain_name }}" \
-    -keyout {{ matrix_ssl_certificate_cert_key_path }} \
-    -out {{ matrix_ssl_certificate_cert_path }} \
-    -days 3650
   when: "not matrix_ssl_certificate_cert_path_stat_result.stat.exists"
+  ansible.builtin.command:
+    cmd: |
+      openssl req -x509 \
+      -sha256 \
+      -newkey rsa:4096 \
+      -nodes \
+      -subj "/CN={{ domain_name }}" \
+      -keyout {{ matrix_ssl_certificate_cert_key_path }} \
+      -out {{ matrix_ssl_certificate_cert_path }} \
+      -days 3650
+    # Well, this creates 2 files, but Ansible can only check 1.
+    creates: "{{ matrix_ssl_certificate_cert_path }}"
 
 - name: Adjust SSL certificate file ownership
   ansible.builtin.file: