diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml
index 00c3f839a..7493e9d1b 100644
--- a/roles/matrix-nginx-proxy/defaults/main.yml
+++ b/roles/matrix-nginx-proxy/defaults/main.yml
@@ -553,6 +553,9 @@ matrix_ssl_lets_encrypt_certbot_http_docker_image: "{{ matrix_container_global_r
 matrix_ssl_lets_encrypt_certbot_dns_docker_image: "{{ matrix_container_global_registry_prefix }}certbot/dns-{{ matrix_ssl_lets_encrypt_certbot_official_dns_provider }}:{{ matrix_ssl_architecture }}-{{ matrix_ssl_lets_encrypt_certbot_docker_image_version }}"
 matrix_ssl_lets_encrypt_certbot_official_dns_provider: ''
 matrix_ssl_lets_encrypt_certbot_custom_docker_image: ''
+# Don't modify matrix_ssl_lets_encrypt_certbot_docker_image directly, look at documentation and rely on matrix_ssl_lets_encrypt_certbot_challenge_image instead
+matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_ssl_lets_encrypt_certbot_custom_docker_image if matrix_ssl_lets_encrypt_certbot_challenge_image == 'custom' else matrix_ssl_lets_encrypt_certbot_dns_docker_image if matrix_ssl_lets_encrypt_certbot_challenge_image == 'dns' else matrix_ssl_lets_encrypt_certbot_http_docker_image }}"
+matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
 matrix_ssl_lets_encrypt_certbot_standalone_http_port: 2402
 matrix_ssl_lets_encrypt_support_email: ~
 
diff --git a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml
index b19a6e8cf..6bd5d5364 100644
--- a/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml
+++ b/roles/matrix-nginx-proxy/tasks/ssl/setup_ssl_lets_encrypt.yml
@@ -17,12 +17,6 @@
 #
 
 - block:
-    - ansible.builtin.set_fact:
-        matrix_ssl_lets_encrypt_certbot_docker_image: "{{ matrix_ssl_lets_encrypt_certbot_custom_docker_image if matrix_ssl_lets_encrypt_certbot_challenge_image == 'custom' else matrix_ssl_lets_encrypt_certbot_dns_docker_image if matrix_ssl_lets_encrypt_certbot_challenge_image == 'dns' else matrix_ssl_lets_encrypt_certbot_http_docker_image }}"
-
-    - ansible.builtin.set_fact:
-        matrix_ssl_lets_encrypt_certbot_docker_image_force_pull: "{{ matrix_ssl_lets_encrypt_certbot_docker_image.endswith(':latest') }}"
-
     - ansible.builtin.debug:
         msg: "Using certbot docker image: {{ matrix_ssl_lets_encrypt_certbot_docker_image }}"