diff --git a/roles/letsencrypt/templates/domains.txt.j2 b/roles/letsencrypt/templates/domains.txt.j2
index fec70e7..ca9b98c 100644
--- a/roles/letsencrypt/templates/domains.txt.j2
+++ b/roles/letsencrypt/templates/domains.txt.j2
@@ -1,57 +1,73 @@
 {% for cert in letsencrypt_certs | default([]) %}
+# letsencrypt_certs
 {{ cert.common_name }} {{ cert.alt_names | default([]) | join(' ') }}
 {% endfor %}
-{% if nginx_auto_letsencrypt_cert is defined and nginx_auto_letsencrypt_cert and nginx_vhosts is defined %}
+{% if 'nginx' in ansible_role_names and nginx_auto_letsencrypt_cert is defined and nginx_auto_letsencrypt_cert and nginx_vhosts is defined %}
 {% for vhost in nginx_vhosts %}
 {% if vhost.ssl.cert is not defined and (vhost.ssl.letsencrypt_cert is not defined or vhost.ssl.letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name')) %}
+# nginx
 {{ vhost.name }} {{ vhost.aliases | default([]) | join(' ') }}
 {% endif %}
 {% endfor %}
 {% endif %}
-{% if pve_letsencrypt is defined and pve_letsencrypt and inventory_hostname not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'pve' in ansible_role_names and pve_letsencrypt is defined and pve_letsencrypt and inventory_hostname not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# pve
 {{ inventory_hostname }} {{ pve_cluster_vhosts | join(' ') }}
 {% endif %}
-{% if graylog_letsencrypt_cert is defined and graylog_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'graylog' in ansible_role_names and graylog_letsencrypt_cert is defined and graylog_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# graylog
 {{ graylog_letsencrypt_cert }}
 {% endif %}
-{% if zcs_letsencrypt is defined and zcs_letsencrypt and inventory_hostname not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'zimbra' in ansible_role_names and zcs_letsencrypt is defined and zcs_letsencrypt and inventory_hostname not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# zcs
 {{ inventory_hostname }} {{ zcs_vhosts | default([]) | join(' ') }}
 {% endif %}
-{% if vaultwarden_letsencrypt_cert is defined and vaultwarden_letsencrypt_cert == True and vaultwarden_public_url | urlsplit('hostname') not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'vaultwarden' in ansible_role_names and vaultwarden_letsencrypt_cert is defined and vaultwarden_letsencrypt_cert == True and vaultwarden_public_url | urlsplit('hostname') not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# vaultwarden
 {{ vaultwarden_public_url | urlsplit('hostname') }}
 {% endif %}
-{% if psono_letsencrypt_cert is defined and psono_letsencrypt_cert == True %}
+{% if 'psono' in ansible_role_names and psono_letsencrypt_cert is defined and psono_letsencrypt_cert == True %}
+# psono
 {{ psono_public_url | urlsplit('hostname') }}
 {% endif %}
-{% if jitsi_letsencrypt_cert is defined and jitsi_letsencrypt_cert == True and jitsi_domain is defined %}
+{% if 'jitsi' in ansible_role_names and jitsi_letsencrypt_cert is defined and jitsi_letsencrypt_cert == True and jitsi_domain is defined %}
+# jitsi
 {{ jitsi_domain }} auth.{{ jitsi_domain }}
 {% endif %}
-{% if turn_letsencrypt_cert is defined and turn_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'coturn' in ansible_role_names and turn_letsencrypt_cert is defined and turn_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# turn
 {{ turn_letsencrypt_cert }}
 {% endif %}
-{% if rabbitmq_letsencrypt_cert is defined and rabbitmq_letsencrypt_cert != False %}
+{% if 'rabbitmq_server' in ansible_role_names and rabbitmq_letsencrypt_cert is defined and rabbitmq_letsencrypt_cert != False %}
 {% if rabbitmq_letsencrypt_cert is string and rabbitmq_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# rabbitmq
 {{ rabbitmq_letsencrypt_cert }}
 {% elif rabbitmq_letsencrypt_cert == True and inventory_hostname not in letsencrypt_certs | default([]) | 
map(attribute='common_name') %} +# rabbitmq {{ inventory_hostname }} {% endif %} {% endif %} -{% if pbs_letsencrypt_cert is defined and pbs_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +{% if 'pbs' in ansible_role_names and pbs_letsencrypt_cert is defined and pbs_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +# pbs {{ pbs_letsencrypt_cert }} {% endif %} -{% if fpbx_letsencrypt_cert is defined and fpbx_letsencrypt_cert is string and fpbx_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +{% if 'freepbx' in ansible_role_names and fpbx_letsencrypt_cert is defined and fpbx_letsencrypt_cert is string and fpbx_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +# fpbx {{ fpbx_letsencrypt_cert }} {% endif %} -{% if sftpgo_extra_conf is defined %} +{% if 'sftpgo' in ansible_role_names and sftpgo_extra_conf is defined %} {% for service in ['ftpd','webdavd','httpd','telemetry'] %} {% if sftpgo_extra_conf[service] is defined and sftpgo_extra_conf[service].certificate_file is defined and sftpgo_extra_conf[service].certificate_file is search('^letsencrypt:') and sftpgo_extra_conf[service].certificate_file | regex_replace('^letsencrypt:','') not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +# sftpgo {{ sftpgo_extra_conf[service].certificate_file }} {{ sftpgo_extra_conf[service].certificate_file | regex_replace('^letsencrypt:','') }} {% endif %} {% endfor %} {% endif %} -{% if pg_letsencrypt_cert is defined and pg_letsencrypt_cert is string and pg_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +{% if 'postgresql_server' in ansible_role_names and pg_letsencrypt_cert is defined and pg_letsencrypt_cert is string and pg_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %} +# pg {{ pg_letsencrypt_cert }} {% endif %} 
-{% if mysql_letsencrypt_cert is defined and mysql_letsencrypt_cert is string and mysql_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+{% if 'mysql_server' in ansible_role_names and mysql_letsencrypt_cert is defined and mysql_letsencrypt_cert is string and mysql_letsencrypt_cert not in letsencrypt_certs | default([]) | map(attribute='common_name') %}
+# mysql
 {{ mysql_letsencrypt_cert }}
 {% endif %}
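Review bot: The new `'<role>' in ansible_role_names` guards make every service entry depend on a hard-coded role name being part of the current play, and nothing in the template records that dependency. `ansible_role_names` only lists the roles of the play being run, and several literals differ from the variable prefix they guard (`zimbra` for `zcs_*`, `coturn` for `turn_*`, `freepbx` for `fpbx_*`, `postgresql_server` for `pg_*`), so a renamed role or a play that applies letsencrypt without the service role renders domains.txt without that host name and without any error; presumably the certificate then stops being requested or renewed. I would state this at the top of the template, e.g. `{# service entries are emitted only when the owning role is in ansible_role_names for this play #}`, and confirm how the consumer of domains.txt treats names that vanish from the file. Separately, the psono and jitsi conditions still lack the `not in letsencrypt_certs | default([]) | map(attribute='common_name')` check that the other branches carry, so a host also listed in `letsencrypt_certs` would be written twice.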