32 lines
1.1 KiB
YAML
32 lines
1.1 KiB
YAML
---
|
|
- name: check if certificate exist
|
|
ansible.builtin.stat:
|
|
path: '/etc/letsencrypt/live/{{ item.name }}'
|
|
loop: '{{ certbot_domains }}'
|
|
register: st
|
|
tags: certbot
|
|
|
|
- name: check if a webservice is started on port 80
|
|
ansible.builtin.wait_for:
|
|
port: 80
|
|
state: started
|
|
timeout: 5
|
|
ignore_errors: true
|
|
register: web
|
|
tags: certbot
|
|
|
|
- name: create a new certificate
|
|
ansible.builtin.command: >
|
|
certbot certonly -n --agree-tos -d {{ item.item.name }} -m {{ certbot_mail }}
|
|
--webroot --webroot-path {{ certbot_path }} --rsa-key-size {{ certbot_key_size }}
|
|
loop: '{{ st.results }}'
|
|
when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and not web.failed
|
|
tags: certbot
|
|
|
|
- name: create a new certificate (standalone)
|
|
ansible.builtin.command: >
|
|
certbot certonly -n --agree-tos -d {{ item.item.name }} -m {{ certbot_mail }}
|
|
--standalone --rsa-key-size {{ certbot_key_size }}
|
|
loop: '{{ st.results }}'
|
|
when: (certbot_role == 'master' or item.item.name == ansible_fqdn) and not item.stat.exists and web.failed
|
|
tags: certbot
|