Are you following the instructions at Set up Let’s Encrypt with multiple domains / redirects?
If you plug www.mysite.com
in the tempate in the OP it generates this:
after_ssl:
# tell letsencrypt what additional certs to get
- replace:
filename: "/etc/runit/1.d/letsencrypt"
from: /--keylength/
to: "-d www.mysite.com --keylength"
- replace:
filename: "/etc/runit/1.d/letsencrypt"
from: /--fullchainpath/
to: "-d www.mysite.com --fullchainpath"
global: true
So you’re doing it wrong.