forked from bitlair/ansible
82 lines
2 KiB
YAML
82 lines
2 KiB
YAML
---
|
|
- ansible.builtin.import_tasks:
|
|
file: remove_conflicting.yaml
|
|
tags: [ never, acme_remove_conflicting ]
|
|
|
|
- name: Install Dehydrated
|
|
tags: [ acme, acme_install ]
|
|
block:
|
|
- name: Install dependencies
|
|
ansible.builtin.apt:
|
|
name: ssl-cert
|
|
state: present
|
|
|
|
- name: Install Dehydrated
|
|
ansible.builtin.apt:
|
|
name: dehydrated
|
|
state: present
|
|
|
|
- name: Install config file
|
|
ansible.builtin.template:
|
|
src: config.sh
|
|
dest: /etc/dehydrated/conf.d/ansible.sh
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
notify: update_contact_info
|
|
|
|
- name: Install deploy hook
|
|
ansible.builtin.template:
|
|
src: deploy.sh
|
|
dest: /etc/dehydrated/conf.d/deploy.sh
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
|
|
- name: Install cronjob
|
|
ansible.builtin.template:
|
|
src: cron
|
|
dest: /etc/cron.d/dehydrated
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: Create Nginx snippet snippets dir
|
|
ansible.builtin.file:
|
|
state: directory
|
|
path: /etc/nginx/snippets
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
|
|
- name: Install Nginx snippet
|
|
ansible.builtin.template:
|
|
src: nginx-snippet.conf
|
|
dest: /etc/nginx/snippets/acme.conf
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
|
|
- name: Register account
|
|
ansible.builtin.command:
|
|
cmd: dehydrated --register --accept-terms
|
|
args:
|
|
creates: /var/lib/dehydrated/accounts
|
|
|
|
- tags: [ acme, acme_certs ]
|
|
block:
|
|
- name: Configure certificates
|
|
ansible.builtin.template:
|
|
src: domains.txt
|
|
dest: /etc/dehydrated/domains.txt
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: query_certificates
|
|
|
|
- name: Symlink SAN domains
|
|
ansible.builtin.include_tasks:
|
|
file: san_domains_loop.yaml
|
|
loop: "{{ acme_san_domains|default([]) }}"
|
|
loop_control:
|
|
loop_var: domains
|