---
# Make sure the certbot and cron packages are installed through apt.
# The target release is certbot_distribution when that variable is defined,
# otherwise the host's own release (ansible_distribution_release).
- name: install certbot package
  tags: certbot
  ansible.builtin.apt:
    state: present
    default_release: '{{ certbot_distribution|default(ansible_distribution_release) }}'
    name: [certbot, cron]
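# Ensure the directory named by certbot_path exists, owned by root:root.
# Mode 0755 lets only root write, while every other account can list and
# traverse it.
# NOTE(review): presumably the web server reads challenge files from here -
# confirm against the role's certbot invocation, which is not in this file.
- name: create webroot path directory
  ansible.builtin.file:
    path: '{{ certbot_path }}'
    state: directory
    owner: root
    group: root
    # Quoted so the permission bits reach the module as the string "0755"
    # whatever the YAML loader does with a leading-zero number (octal under
    # YAML 1.1 rules, plain decimal under 1.2).
    mode: '0755'
  tags: certbot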
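# Write one hook script per entry of certbot_domains to
# /etc/letsencrypt/hook-<key>, owned by root and usable by root only (0700).
# The entry's value is written verbatim as the script body.
#
# default() is called with its second argument set to true so that the bash
# shebang stub is also used for null or empty values. Values produced by
# dict2items are always defined, so the plain one-argument default() would
# never fall back.
#
# NOTE(review): item.key goes into the destination path unchanged and the
# value becomes a root-owned executable, so certbot_domains has to come from
# trusted inventory and its keys should be plain names without path
# separators.
- name: install hooks script
  ansible.builtin.copy:
    content: '{{ item.value|default("#!/bin/bash", true) }}'
    dest: '/etc/letsencrypt/hook-{{ item.key }}'
    owner: root
    group: root
    # Quoted so the mode is passed as the string "0700" regardless of how the
    # YAML loader types a leading-zero number.
    mode: '0700'
  loop: '{{ certbot_domains|dict2items }}'
  loop_control:
    # Show only the key in task output instead of the whole script body.
    label: '{{ item.key }}'
  tags: certbot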
# Delete /etc/cron.d/certbot when it is present, so that file no longer
# schedules a renewal.
# NOTE(review): only this one cron file is removed. If the installed package
# also ships another scheduler for renewals (for example a systemd timer),
# it is left untouched - verify on the target hosts to avoid renewals being
# scheduled twice.
- name: remove old cerbot renew cron
  tags: certbot
  ansible.builtin.file:
    state: absent
    path: /etc/cron.d/certbot
# Register a crontab entry named certbot-renew for root that fires at minute 0
# of every 12th hour.
# The job first sleeps a random number of seconds below 3600, then runs
# `certbot -q renew`; `&&` means certbot only starts if the perl sleep exits
# successfully.
# NOTE(review): certbot is called without an absolute path, so it is resolved
# through the PATH cron gives the job - confirm it is found on the target
# hosts.
- name: add certbot renew cron
  tags: certbot
  ansible.builtin.cron:
    name: certbot-renew
    user: root
    minute: '0'
    hour: '*/12'
    job: >-
      perl -e 'sleep int(rand(3600))' && certbot -q renew