You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
50 lines
1.7 KiB
YAML
50 lines
1.7 KiB
YAML
---
|
|
- name: Install certbot
|
|
apt:
|
|
update_cache: true
|
|
name: certbot
|
|
state: latest
|
|
|
|
- name: Add LE proxy to /etc/host
|
|
lineinfile:
|
|
path: /etc/hosts
|
|
line: "{{ ip_LE_proxy }} {{ item }}"
|
|
insertafter: "# Ansible managed:"
|
|
search_string: "{{ item }}"
|
|
when: ip_LE_proxy is defined
|
|
loop:
|
|
- "acme-v02.api.letsencrypt.org"
|
|
- "r3.o.lencr.org"
|
|
|
|
- name: Collect certificate
|
|
set_fact:
|
|
all_certbot_certs: "{{ certbot_certs | default({}) }}"
|
|
|
|
- name: Collect certificate for nginx website
|
|
set_fact:
|
|
all_certbot_certs: "{{ all_certbot_certs | combine({item: {'links': ['/etc/nginx/certs/'+item],'hooks': ['systemctl reload nginx']}}) }}"
|
|
loop: "{{ http_sites | default({}) | dict2items | selectattr('value.use_cerbot', 'defined') | selectattr('value.use_cerbot', '==', True) | map(attribute='key')}}"
|
|
|
|
- name: Create certificate links
|
|
file:
|
|
src: "/etc/letsencrypt/live/{{ item.0.key }}/fullchain.pem"
|
|
dest: "{{ item.1 }}.crt"
|
|
state: link
|
|
force: yes
|
|
loop: "{{ all_certbot_certs | dict2items | subelements('value.links', skip_missing=True) }}"
|
|
|
|
- name: Create key links
|
|
file:
|
|
src: "/etc/letsencrypt/live/{{ item.0.key }}/privkey.pem"
|
|
dest: "{{ item.1 }}.key"
|
|
state: link
|
|
force: yes
|
|
loop: "{{ all_certbot_certs | dict2items | subelements('value.links', skip_missing=True) }}"
|
|
|
|
- name: Generate Certificate for Domains
|
|
shell: "certbot certonly --agree-tos --register-unsafely-without-email --domain {{ item.key }} --non-interactive --webroot --webroot-path /var/www/well-known/acme-challenge {% if item.value.hooks is defined %}--post-hook '{{ item.value.hooks | join('; ') }}'{% endif %}"
|
|
args:
|
|
creates: "/etc/letsencrypt/live/{{ item.key }}/cert.pem"
|
|
loop: "{{ all_certbot_certs | dict2items }}"
|
|
|