ansible-role-certbot/tasks/base.yml

---
- name: install certbot package
  ansible.builtin.apt:
    name:
      - certbot
      - cron
    default_release: '{{ certbot_distribution|default(ansible_distribution_release) }}'
    state: present
  tags: certbot

- name: create webroot path directory
  ansible.builtin.file:
    path: '{{ certbot_path }}'
    owner: root
    group: root
    mode: 0755
    state: directory
  tags: certbot

- name: install certbot-renew binary
  ansible.builtin.copy:
    src: certbot-renew
    dest: /usr/local/bin/certbot-renew
    owner: root
    group: root
    mode: 0755
  tags: certbot

- name: install certbot renew configuration
  ansible.builtin.template:
    src: renew.cfg.j2
    dest: /etc/letsencrypt/renew.cfg
    owner: root
    group: root
    mode: 0644
  tags: certbot

- name: remove old cerbot renew cron
  ansible.builtin.file:
    path: /etc/cron.d/certbot
    state: absent
  tags: certbot

- name: add certbot renew cron
  ansible.builtin.cron:
    name: certbot-renew
    user: root
    hour: '*/12'
    minute: '0'
    job: perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook /usr/local/bin/certbot-renew
  tags: certbot
style: fix to conform yamllint test 2018-11-29 17:55:28 +00:00			`---`
first version 2018-06-10 17:34:06 +00:00			`- name: install certbot package`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.apt:`
			`name:`
break: change with_items to loop 2018-11-25 19:24:19 +00:00			`- certbot`
			`- cron`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`default_release: '{{ certbot_distribution\|default(ansible_distribution_release) }}'`
			`state: present`
first version 2018-06-10 17:34:06 +00:00			`tags: certbot`

			`- name: create webroot path directory`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.file:`
first version 2018-06-10 17:34:06 +00:00			`path: '{{ certbot_path }}'`
			`owner: root`
			`group: root`
			`mode: 0755`
			`state: directory`
			`tags: certbot`
feat: add renew hook script 2018-07-07 17:24:56 +00:00
			`- name: install certbot-renew binary`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.copy:`
feat: add renew hook script 2018-07-07 17:24:56 +00:00			`src: certbot-renew`
			`dest: /usr/local/bin/certbot-renew`
			`owner: root`
			`group: root`
			`mode: 0755`
			`tags: certbot`

			`- name: install certbot renew configuration`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.template:`
feat: add renew hook script 2018-07-07 17:24:56 +00:00			`src: renew.cfg.j2`
			`dest: /etc/letsencrypt/renew.cfg`
			`owner: root`
			`group: root`
			`mode: 0644`
			`tags: certbot`

fix: replace inline module to cron for renew cron 2018-11-25 09:16:09 +00:00			`- name: remove old cerbot renew cron`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.file:`
feat: add renew hook script 2018-07-07 17:24:56 +00:00			`path: /etc/cron.d/certbot`
fix: replace inline module to cron for renew cron 2018-11-25 09:16:09 +00:00			`state: absent`
			`tags: certbot`

			`- name: add certbot renew cron`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`ansible.builtin.cron:`
fix: replace inline module to cron for renew cron 2018-11-25 09:16:09 +00:00			`name: certbot-renew`
			`user: root`
			`hour: '*/12'`
chore: use FQCN for module name 2021-08-24 16:18:42 +00:00			`minute: '0'`
fix: replace inline module to cron for renew cron 2018-11-25 09:16:09 +00:00			`job: perl -e 'sleep int(rand(3600))' && certbot -q renew --renew-hook /usr/local/bin/certbot-renew`
feat: add renew hook script 2018-07-07 17:24:56 +00:00			`tags: certbot`