ansible-role-certbot/tasks/certificates.yml

---
- name: Check if certificate exist
  ansible.builtin.stat:
    path: "/etc/letsencrypt/live/{{ item.key }}"
  loop: "{{ certbot_domains | dict2items }}"
  loop_control:
    label: "{{ item.key }}"
  register: st
  tags: certbot

- name: Check if a webservice is started
  ansible.builtin.wait_for:
    port: "{{ certbot_port }}"
    state: started
    timeout: 2
  ignore_errors: true
  register: web
  tags: certbot

- name: Create a new certificate  # noqa no-changed-when
  ansible.builtin.command: >
    certbot certonly -n --agree-tos -d {{ item.item.key }} -m {{ certbot_mail }}
    --webroot --webroot-path {{ certbot_path }} --rsa-key-size {{ certbot_key_size }}
    --deploy-hook /etc/letsencrypt/hook-{{ item.item.key }}
  loop: "{{ st.results }}"
  loop_control:
    label: "{{ item.item.key }}"
  when: (certbot_role == "master" or item.item.key == ansible_fqdn) and not item.stat.exists and not web.failed
  tags: certbot

- name: Create a new certificate (standalone)  # noqa no-changed-when
  ansible.builtin.command: >
    certbot certonly -n --agree-tos -d {{ item.item.key }} -m {{ certbot_mail }}
    --standalone --rsa-key-size {{ certbot_key_size }} --deploy-hook /etc/letsencrypt/hook-{{ item.item.key }}
    --http-01-port {{ certbot_port }}
  loop: "{{ st.results }}"
  loop_control:
    label: "{{ item.item.key }}"
  when: (certbot_role == "master" or item.item.key == ansible_fqdn) and not item.stat.exists and web.failed
  tags: certbot
style: fix to conform yamllint test 2018-11-29 17:55:28 +00:00			`---`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`- name: Check if certificate exist`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.stat:`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`path: "/etc/letsencrypt/live/{{ item.key }}"`
			`loop: "{{ certbot_domains \| dict2items }}"`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`loop_control:`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`label: "{{ item.key }}"`
first version 2018-06-10 17:34:06 +00:00			`register: st`
			`tags: certbot`

test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`- name: Check if a webservice is started`
feat: check if the port 80 is used 2021-08-24 16:47:19 +00:00			`ansible.builtin.wait_for:`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`port: "{{ certbot_port }}"`
feat: check if the port 80 is used 2021-08-24 16:47:19 +00:00			`state: started`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`timeout: 2`
feat: check if the port 80 is used 2021-08-24 16:47:19 +00:00			`ignore_errors: true`
			`register: web`
first version 2018-06-10 17:34:06 +00:00			`tags: certbot`

test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`- name: Create a new certificate # noqa no-changed-when`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.command: >`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`certbot certonly -n --agree-tos -d {{ item.item.key }} -m {{ certbot_mail }}`
style: fix the lines too long 2018-11-26 17:12:43 +00:00			`--webroot --webroot-path {{ certbot_path }} --rsa-key-size {{ certbot_key_size }}`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`--deploy-hook /etc/letsencrypt/hook-{{ item.item.key }}`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`loop: "{{ st.results }}"`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`loop_control:`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`label: "{{ item.item.key }}"`
			`when: (certbot_role == "master" or item.item.key == ansible_fqdn) and not item.stat.exists and not web.failed`
first version 2018-06-10 17:34:06 +00:00			`tags: certbot`

test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`- name: Create a new certificate (standalone) # noqa no-changed-when`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.command: >`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`certbot certonly -n --agree-tos -d {{ item.item.key }} -m {{ certbot_mail }}`
			`--standalone --rsa-key-size {{ certbot_key_size }} --deploy-hook /etc/letsencrypt/hook-{{ item.item.key }}`
			`--http-01-port {{ certbot_port }}`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`loop: "{{ st.results }}"`
feat: add hook script and port 2022-01-03 14:27:56 +00:00			`loop_control:`
test: fix syntax for ansible-lint 2023-07-26 14:19:27 +00:00			`label: "{{ item.item.key }}"`
			`when: (certbot_role == "master" or item.item.key == ansible_fqdn) and not item.stat.exists and web.failed`
first version 2018-06-10 17:34:06 +00:00			`tags: certbot`