This commit is contained in:
parent
06917ce46b
commit
9d4c630c7e
1 changed files with 28 additions and 0 deletions
28
roles/mail-certificates/tasks/main.yml
Normal file
28
roles/mail-certificates/tasks/main.yml
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
---
|
||||
# Very similar to the certbot role, but without nginx
|
||||
# Install Letscrypt tools to generate and manage certificates
|
||||
- name: Install Letsencrypt
|
||||
apt:
|
||||
name:
|
||||
- certbot # letsencrypt
|
||||
- ca-certificates # just in case
|
||||
update_cache: true
|
||||
|
||||
# Create the configuration directory for letsencrypt
|
||||
- name: Create /etc/letsencrypt/conf.d
|
||||
file:
|
||||
path: /etc/letsencrypt/conf.d
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
# Configure certbot
|
||||
- name: Add certbot configuration
|
||||
template:
|
||||
src: "conf.ini.j2"
|
||||
dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||
mode: 0644
|
||||
register: certbot_config
|
||||
|
||||
- name: Generate new certificates if the configuration changed
|
||||
shell: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||
when: certbot_config.changed
|
||||
Loading…
Reference in a new issue