diff --git a/defaults/main.yml b/defaults/main.yml
index 88ff8a6138d9688fcdfafae9aece8f999e96539a..84453ebf7e8fd2d86d25d69abf1ad7a019fae336 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1 +1,3 @@
+---
+
 letsencrypt_pause_services: []
diff --git a/tasks/cert_deploy.yml b/tasks/cert_deploy.yml
index ca228df5d518b5a361b4c17333eb247f606fd3b1..dcb4ed665df0471b4ab006e3746b840578a8b6b4 100644
--- a/tasks/cert_deploy.yml
+++ b/tasks/cert_deploy.yml
@@ -4,7 +4,7 @@
 - block:
 
   - name: Deploy Cert
-    shell: openssl {{ cert.export.type }} -export -out /tmp/{{ cert.domain }}.deploy -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:
+    shell: 'openssl {{ cert.export.type }} -export -out /tmp/{{ cert.domain }}.deploy -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:'
     args:
       chdir: /etc/letsencrypt/live/{{ cert.domain }}
 
diff --git a/tasks/install.yml b/tasks/install.yml
index 71736136fb87f14ca018542f14dd3b7545062f12..fcd8655b2bab4bb41637ca38c90cc9fb70d634ba 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -21,8 +21,8 @@
 - name: Force certbot to use Python 3
   lineinfile:
     path: '{{ item }}'
-    regexp: ^#!/usr/bin/python$
-    line: #!/usr/bin/python3
+    regexp: '^#!/usr/bin/python$'
+    line: '#!/usr/bin/python3'
   with_items:
     - /usr/local/bin/certbot
     - /usr/bin/certbot
diff --git a/tasks/main.yml b/tasks/main.yml
index 9e5a7d0df619a35de96919fb3e4efff3e934faab..c4c366300fdd5cd3a52954d8e64b05d0227f743e 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -9,36 +9,36 @@
 
 - block:
 
-  - name: Ensure LetsEncrypt Directory
-    file:
-      path: /etc/letsencrypt
-      state: directory
-
-  - name: Check Existing Certs
-    stat:
-      path: /etc/letsencrypt/live
-    register: letsencrypt_certs_available
-    failed_when: no
-    changed_when: no
-    tags:
-      - renew
-
-  - import_tasks: install.yml
-
-  - include_tasks: cert.yml
-    with_items: '{{ letsencrypt_certificates|default([]) }}'
-    loop_control:
-      loop_var: domain
-    tags:
-      - Certs
-
-  - import_tasks: renew.yml
-    when: letsencrypt_certs_available is defined and letsencrypt_certs_available.stat.exists and (proxy_active is not defined or proxy_active)
-    tags:
-      - renew
-
-  - import_tasks: ../../haproxy/tasks/proxypool.yml
-    tags:
-      - renew
+    - name: Ensure LetsEncrypt Directory
+      file:
+        path: /etc/letsencrypt
+        state: directory
+
+    - name: Check Existing Certs
+      stat:
+        path: /etc/letsencrypt/live
+      register: letsencrypt_certs_available
+      failed_when: no
+      changed_when: no
+      tags:
+        - renew
+
+    - import_tasks: install.yml
+
+    - include_tasks: cert.yml
+      with_items: '{{ letsencrypt_certificates|default([]) }}'
+      loop_control:
+        loop_var: domain
+      tags:
+        - Certs
+
+    - import_tasks: renew.yml
+      when: letsencrypt_certs_available is defined and letsencrypt_certs_available.stat.exists and (proxy_active is not defined or proxy_active)
+      tags:
+        - renew
+
+    - import_tasks: ../../haproxy/tasks/proxypool.yml
+      tags:
+        - renew
 
   when: not excluded_roles or "letsencrypt" not in excluded_roles