Ansible: loop with using collection and role

Question

I´m doing the first steps in Ansible this week and I break on include_tasks for looping ofer a role. The needed task is to create Letsencrypt certificates for a bunch of domains, thanks to T-Systems-MMS, there is already a collection to do this via APIs of letsencrypt and AutoDNS (see https://github.com/T-Systems-MMS/ansible-collection-acme/blob/master/docs/dns-challenge/autodns.md ).

Filling this playbook with my settings, it is working fine for one domain. My try to loop over is (hopefully there was no mistake while anonymising the code):

playbook_getsslcert_main.yml:

---
- hosts: localhost
  connection: local
  vars:
    ansible_python_interpreter: auto
  tasks:
    - name: Get SSL certificate
      include_tasks: playbook_getsslcert_task.yml
      loop:
        - sub1.domain1.com
        - sub2.domain1.com

playbook_getsslcert_task.yml:

---
- name: Doing letsencrypt ACME with AutoDNS
  collections:
    - t_systems_mms.acme
  roles:
    - acme
  vars:
    nbb_emailadress: my.email@example.com
    nbb_autodnsuser: login.user@other.com
    acme_domain:
      certificate_name: "{{ item }}"
      zone: "domain1.com"
      email_address: "{{ nbb_emailadress }}"
      subject_alt_name:
        - "{{ item }}"
    acme_challenge_provider: autodns
    acme_use_live_directory: true
    acme_conf_dir: /etc/letsencrypt
    acme_account_email: "{{ nbb_emailadress }}"
    acme_dns_user: "{{ nbb_autodnsuser }}"
    acme_dns_password: "supersecret"

The error I get is

fatal: [localhost]: FAILED! => {"reason": "conflicting action statements: hosts, roles\n\nThe error appears to be in 'playbook_getsslcert_task.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Doing letsencrypt ACME with AutoDNS\n  ^ here\n"}

My collegues and me are experienced Linux guys, we tested a lot; also we checked the YAML with formatcheckers and so on, did different styles for looping, tried an example tasks.ym just for writing a message, checked file formats (for linefeeds, correct HEX values,...) and so on. But Ansible doesnt like the playbook.

Thanks for all your suggestions.

Edit: Ubuntu 18.04 LTS, Python 3.6.9, Ansible 2.9.27

Answer 1

Thanks to @Zeitounator (sorry for overlooing your first link), a suitable and working solution have been found:

---
- hosts: all
  connection: local
  vars:
    ansible_python_interpreter: auto
  
  tasks:
    - name: "Doing letsencrypt ACME with AutoDNS for {{ nbb_domain }}"
      collections:
        - t_systems_mms.acme
      include_role: 
        name: acme
      vars:
        nbb_emailadress: my.email@example.com
        nbb_autodnsuser: login.user@other.com
        acme_domain:
          certificate_name: "{{ nbb_domain }}"
          zone: "domain1.com"
          email_address: "{{ nbb_emailadress }}"
          subject_alt_name:
            - "{{ nbb_domain }}"
        acme_challenge_provider: autodns
        acme_use_live_directory: true
        acme_conf_dir: /etc/letsencrypt
        acme_account_email: "{{ nbb_emailadress }}"
        acme_dns_user: "{{ nbb_autodnsuser }}"
        acme_dns_password: "supersecret"
      loop:
        - sub1.domain1.com
        - sub2.domain1.com
      loop_control:
        loop_var: nbb_domain