This commit is contained in:
parent
06917ce46b
commit
9d4c630c7e
1 changed files with 28 additions and 0 deletions
28
roles/mail-certificates/tasks/main.yml
Normal file
28
roles/mail-certificates/tasks/main.yml
Normal file
|
|
@ -0,0 +1,28 @@
|
||||||
|
---
|
||||||
|
# Very similar to the certbot role, but without nginx
|
||||||
|
# Install Letscrypt tools to generate and manage certificates
|
||||||
|
- name: Install Letsencrypt
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- certbot # letsencrypt
|
||||||
|
- ca-certificates # just in case
|
||||||
|
update_cache: true
|
||||||
|
|
||||||
|
# Create the configuration directory for letsencrypt
|
||||||
|
- name: Create /etc/letsencrypt/conf.d
|
||||||
|
file:
|
||||||
|
path: /etc/letsencrypt/conf.d
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
# Configure certbot
|
||||||
|
- name: Add certbot configuration
|
||||||
|
template:
|
||||||
|
src: "conf.ini.j2"
|
||||||
|
dest: "/etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||||
|
mode: 0644
|
||||||
|
register: certbot_config
|
||||||
|
|
||||||
|
- name: Generate new certificates if the configuration changed
|
||||||
|
shell: "certbot certonly --non-interactive --config /etc/letsencrypt/conf.d/{{ certbot.certname }}.ini"
|
||||||
|
when: certbot_config.changed
|
||||||
Loading…
Reference in a new issue