ansible/roles/certbot/tasks/main.yml

---
# Install the certbot client and its nginx plugin from apt, refreshing the
# package cache first. The result is registered and the task is retried
# (retries: 3) until the module reports success.
- name: Install certbot and nginx plugin
  apt:
    name:
      - certbot
      - python3-certbot-nginx
    update_cache: true
  register: pkg_result
  until: pkg_result is succeeded
  retries: 3
# Record whether a certificate for this certname is already on disk; the
# issuance task further down reads letsencrypt_cert.stat.exists to decide
# whether it has to run.
- name: Check if certificate already exists.
  stat:
    path: '/etc/letsencrypt/live/{{ certbot.certname }}/cert.pem'
  register: letsencrypt_cert
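# Ensure the directory that holds the per-certificate certbot config exists.
- name: Create /etc/letsencrypt/conf.d
  file:
    path: /etc/letsencrypt/conf.d
    state: directory
    # Quoted so the module receives the string "0755" rather than relying on
    # how the YAML loader types a leading-zero integer.
    mode: "0755"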
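# Render the certbot config file for this certname from the role template.
- name: Add Certbot configuration
  template:
    src: "letsencrypt/conf.d/certname.ini.j2"
    dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
    # Quoted so the module receives the string "0644" rather than relying on
    # how the YAML loader types a leading-zero integer.
    # NOTE(review): the file is world-readable; confirm the template never
    # renders account secrets or plugin credentials into it.
    mode: "0644"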
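# Stop nginx ahead of issuance. Presumably the certbot config uses an
# authenticator that needs the HTTP port free; confirm against the template.
# The stop is limited to runs that actually issue a certificate, so re-running
# the play on a host that already has its cert no longer interrupts serving.
- name: Stop services to allow certbot to generate a cert.
  service:
    name: nginx
    state: stopped
  when: not letsencrypt_cert.stat.exists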
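# Request a certificate using the rendered per-certname config, but only when
# the earlier stat found no existing cert.pem.
# The command module with argv is used instead of shell: no shell features are
# needed, and each list element is passed as exactly one argument, so the
# certname value is never interpreted by a shell or split on whitespace.
# NOTE(review): if this task fails, the play stops for the host and the
# following task that starts nginx does not run, leaving the service down;
# consider wrapping stop/issue/start in block/always.
- name: Generate new certificate if one doesn't exist.
  command:
    argv:
      - certbot
      - certonly
      - '--non-interactive'
      - '--config'
      - "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
  when: not letsencrypt_cert.stat.exists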
# Bring nginx back up after the issuance step. Despite the task name,
# state "started" only ensures the service is running; it does not force a
# restart of an already-running nginx.
- name: Restart services to allow certbot to generate a cert.
  service:
    state: started
    name: nginx