diff --git a/CHANGELOG.md b/CHANGELOG.md index f2532a1..edb0ab0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/) - feat: add certbot_port variable - feat: add hook scripts +- test: add support debian 12 ## v2.2.0 - 2021-08-24 diff --git a/README.md b/README.md index cc12b0a..a7007b0 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ Generate certificate SSL with certbot. * Ansible >= 2.10 * Debian * Bullseye + * Bookworm ## Role variables @@ -41,7 +42,7 @@ Generate certificate SSL with certbot. * install [docker](https://docs.docker.com/engine/installation/) * install `python3` and `python3-pip` -* install molecule and dependencies `pip3 install molecule molecule-docker docker ansible-lint pytest-testinfra yamllint` +* install molecule and dependencies `pip3 install molecule molecule-plugins[docker] docker ansible-lint pytest-testinfra yamllint` * run `molecule test` ## License diff --git a/meta/main.yml b/meta/main.yml index f98a196..13f8189 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,11 +6,12 @@ galaxy_info: company: Adrien Waksberg description: Generate certificate SSL with certbot license: Apache2 - min_ansible_version: 2.10 + min_ansible_version: "2.10" platforms: - name: Debian versions: - bullseye + - bookworm galaxy_tags: - certbot diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml index 0507c53..58f7769 100644 --- a/molecule/default/molecule.yml +++ b/molecule/default/molecule.yml @@ -2,11 +2,12 @@ driver: name: docker platforms: - - name: debian10 - image: nishiki/debian10:molecule + - name: debian12 + image: nishiki/debian12:molecule privileged: true volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - /sys/fs/cgroup:/sys/fs/cgroup:rw + cgroupns_mode: host command: /bin/systemd capabilities: - SYS_ADMIN 
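Review bot: The writable host cgroup mount on the `debian12` platform is undocumented and widens what the privileged test container can touch: with `privileged: true`, `/sys/fs/cgroup:/sys/fs/cgroup:rw` and `cgroupns_mode: host`, systemd inside the container works on the host's cgroup tree rather than a private one. The `debian11` entry in the next hunk gets the same settings. This is presumably required for systemd on cgroup v2 hosts, so I would record that above `volumes:` with a comment such as `# systemd on cgroup v2 needs a writable cgroup tree; run this scenario only on disposable CI or dev hosts`. With `privileged: true` the `capabilities: - SYS_ADMIN` entry looks redundant, and `nishiki/debian12:molecule` is a mutable tag, so pinning the image by digest would make what runs privileged reproducible. The platform list continues past the end of the hunk.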
@@ -14,7 +15,8 @@ platforms: image: nishiki/debian11:molecule privileged: true volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro + - /sys/fs/cgroup:/sys/fs/cgroup:rw + cgroupns_mode: host command: /bin/systemd capabilities: - SYS_ADMIN diff --git a/molecule/default/tests/test_default.py b/molecule/default/tests/test_default.py index ecfc127..529a946 100644 --- a/molecule/default/tests/test_default.py +++ b/molecule/default/tests/test_default.py @@ -23,19 +23,19 @@ def test_cron_file(host): assert path.user == 'root' assert path.group == 'crontab' assert path.mode == 0o600 - assert path.contains('--renew-hook /usr/local/bin/certbot-renew') + assert path.contains('perl -e \'sleep int(rand(3600))\' && certbot -q renew') def test_config_file(host): - path = host.file('/etc/letsencrypt/renew.cfg') + path = host.file('/etc/letsencrypt/hook-test.local') assert path.exists assert path.is_file assert path.user == 'root' assert path.group == 'root' - assert path.mode == 0o644 - assert path.contains('test.local = echo OK > /tmp/test.txt') + assert path.mode == 0o700 + assert path.contains('echo OK > /tmp/test.txt') def test_renew(host): - cmd = host.run('RENEWED_DOMAINS=test.local /usr/local/bin/certbot-renew') + cmd = host.run('/etc/letsencrypt/hook-test.local') assert cmd.succeeded path = host.file('/tmp/test.txt') diff --git a/tasks/certificates.yml b/tasks/certificates.yml index 61d820b..fe8fcc4 100644 --- a/tasks/certificates.yml +++ b/tasks/certificates.yml @@ -25,7 +25,7 @@ loop: '{{ st.results }}' loop_control: label: '{{ item.item.key }}' - when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and not web.failed + when: (certbot_role == 'master' or item.item.key == ansible_fqdn) and not item.stat.exists and not web.failed tags: certbot - name: create a new certificate (standalone) 
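Review bot: No assertion in these tests ties the hook to certbot any more: `test_cron_file` checks only the `certbot -q renew` line and `test_renew` executes `/etc/letsencrypt/hook-test.local` directly, so a role that writes the script but never registers it with certbot would still pass, as far as this file shows. I would add an assertion on whatever the role uses to register the hook (not visible in this hunk), and rename `def test_config_file(host):` to `def test_hook_file(host):` since it now checks an executable script rather than `renew.cfg`. The root ownership and `0o700` checks are worth keeping, with a comment such as `# hook is executed as root by the renew job; must not be writable by other users`. `test_renew` continues past the end of the hunk.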
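Review bot: The corrected `item.item.key == ansible_fqdn` comparison is presumably evaluated only when `certbot_role` is not `'master'`, since the `or` would short-circuit, which may be why the old `item.item.name` went unnoticed; nothing in this commit's test changes exercises that branch. I would add a molecule host or scenario with `certbot_role` set to a value other than `'master'` and a certificate keyed by the host's FQDN, so that this task and the standalone task in the next hunk are both covered. A comment above the condition, e.g. `# non-master hosts only request the certificate whose key matches their own FQDN`, would also document the intent. Both tasks begin outside their hunks.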
@@ -36,5 +36,5 @@ loop: '{{ st.results }}' loop_control: label: '{{ item.item.key }}' - when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and web.failed + when: (certbot_role == 'master' or item.item.key == ansible_fqdn) and not item.stat.exists and web.failed tags: certbot