diff --git a/ansible/provision.yml b/ansible/provision.yml index 8dd27b0f..cec69e7c 100644 --- a/ansible/provision.yml +++ b/ansible/provision.yml @@ -6,12 +6,36 @@ - ./vars/main.yml vars: + certbot_create_if_missing: yes + certbot_admin_email: opdavies+https@gmail.com + certbot_certs: + - email: '{{ certbot_admin_email }}' + domains: + - oliverdavi.es + - www.oliverdavi.es + - domains: + - oliverdavies.uk + - www.oliverdavies.uk nginx_vhosts: - listen: 80 server_name: 'oliverdavi.es www.oliverdavi.es' return: 301 https://{{ server_name }}$request_uri filename: oliverdavi.es.80.conf + - listen: 80 + server_name: 'oliverdavies.uk www.oliverdavies.uk' + return: 301 https://{{ server_name }}$request_uri + filename: oliverdavies.uk.80.conf + + - listen: 443 ssl + server_name: 'oliverdavies.uk www.oliverdavies.uk' + extra_parameters: | + ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + return: 301 https://{{ server_name }}$request_uri + filename: oliverdavies.uk.443.conf + - listen: 443 ssl server_name: oliverdavi.es extra_parameters: | @@ -180,4 +204,7 @@ filename: www.oliverdavi.es.443.conf roles: + - name: geerlingguy.certbot + tags: ['certbot'] - name: geerlingguy.nginx + tags: ['nginx'] diff --git a/ansible/requirements.yml b/ansible/requirements.yml index 67ebe09d..fdaadab9 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -1,3 +1,6 @@ --- +- src: geerlingguy.certbot + version: 3.0.0 + - src: geerlingguy.nginx version: 2.5.0
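Review bot: The new `oliverdavies.uk` 443 vhost hard-codes `/etc/letsencrypt/live/oliverdavies.uk/...` in `extra_parameters`, so nginx will refuse to load this config on any host where issuance for the second `certbot_certs` entry has not succeeded, and nothing in the hunk records that coupling. A comment above `certbot_certs` would help, e.g. `# nginx_vhosts below reference live/<first domain of each entry>/ - keep the two in sync`, since certbot normally names the certificate directory after the first domain listed. It is also worth confirming that the renewal job can complete while nginx holds port 80 (assuming the role's standalone issuance is in use), because a failed renewal only surfaces when the certificate expires. As a style point, `certbot_create_if_missing: yes` is better written `true`; the `vars:` mapping itself starts and ends outside the hunk.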
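Review bot: Nothing at the `roles:` list records that `geerlingguy.certbot` has to stay ahead of `geerlingguy.nginx`, which presumably matters because the 443 vhosts reference certificate files that the certbot role creates. A comment such as `# certbot first: the nginx 443 vhosts load the certificates it issues` above the first entry would keep a later reorder from breaking a fresh provision. The per-role tags also make a `--tags nginx` run possible on its own, which will only succeed on hosts where the certificates already exist; that is worth a word in the same comment.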