main.yml 3.65 KiB
---
# Install the certbot client from the distribution's package repository.
- name: install certbot
  ansible.builtin.package:
    name: certbot
    # apt-specific options, passed through by the generic package module:
    # always use apt-get, and skip "recommended" packages to keep the
    # installed footprint small.
    force_apt_get: true
    install_recommends: false
# Discover the domains from the live nginx configuration. Runs only when
# the caller did not supply letsencrypt_domains (empty list).
- name: get all server_name values
  ansible.builtin.shell:
    executable: /bin/bash
    # Dump the full nginx config, drop lines mentioning localhost, keep the
    # indented "server_name ...;" directives and strip them down to the names.
    # pipefail makes the task fail when any pipeline stage exits non-zero,
    # which includes grep finding no match.
    # uniq only collapses *adjacent* identical lines.
    # NOTE(review): server_name can also carry wildcard, regex ("~...") or
    # catch-all ("_") entries; nothing here filters them out - confirm the
    # later certificate request copes with such values.
    cmd: >
      set -o pipefail;
      nginx -T 2>&1
      | grep -v localhost
      | grep -P '^\s+server_name\s+.*;$'
      | sed -r 's/\s+server_name\s+(.*);/\1/'
      | uniq
  # The registered name is spelled "letsencryt" (sic); the next task reads
  # it under exactly this name.
  register: letsencryt_nginx_output
  # Read-only inspection: never report the host as changed.
  changed_when: false
  when: letsencrypt_domains == []
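# Turn the nginx output into the letsencrypt_domains list. Only runs when
# no list was supplied, i.e. when the discovery task above actually ran.
- name: save result as list
  when: letsencrypt_domains == []
  ansible.builtin.set_fact:
    # split() breaks on any whitespace, so one server_name line that lists
    # several names yields several entries. The shell pipeline only removes
    # adjacent duplicate *lines*; `unique` drops repeated names here while
    # keeping first-seen order, so each domain appears once in the list.
    # "letsencryt" (sic) matches the name registered by the previous task.
    letsencrypt_domains: "{{ letsencryt_nginx_output.stdout.split() | unique }}"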
# Persist the domain list on the host so that a change in the list shows
# up as a changed task result.
- name: save domains list in a file
  ansible.builtin.copy:
    dest: /etc/letsencrypt/domains.txt
    mode: "644"
    # Renders each entry of letsencrypt_domains on its own line.
    content: |
      {% for domain in letsencrypt_domains %}
      {{ domain }}
      {% endfor %}
  # NOTE(review): presumably consumed by a later task (not visible here) to
  # decide whether certificates must be re-requested - confirm.
  register: letsencrypt_save_list
# Make sure the webroot directory named by letsencrypt_webroot exists and
# is world-readable/traversable (mode 755).
- name: create webroot directory
  ansible.builtin.file:
    state: directory
    path: "{{ letsencrypt_webroot }}"
    mode: "755"
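# Directory holding certbot's pre-renewal hook scripts.
- name: create pre hook directory
  ansible.builtin.file:
    path: /etc/letsencrypt/renewal-hooks/pre
    state: directory
    # Scripts placed here are executed by certbot during renewal, normally
    # as root. Pin ownership explicitly: without owner/group the module
    # leaves the ownership of an already existing directory untouched, so
    # a non-root owner would keep the ability to drop scripts into it.
    owner: root
    group: root
    mode: "755"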
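# Pre-renewal hook: recreate the webroot directory before certbot renews,
# in case it was removed since the last run.
- name: create pre hook script
  ansible.builtin.copy:
    dest: /etc/letsencrypt/renewal-hooks/pre/mkdir
    # The hook is run by certbot, normally as root. Set owner/group
    # explicitly so a pre-existing file owned by another account does not
    # stay writable by that account.
    owner: root
    group: root
    mode: "0755"
    # The docroot follows letsencrypt_webroot (the same variable the
    # "create webroot directory" task uses) instead of a hard-coded
    # /var/www/letsencrypt, so overriding the variable no longer leaves the
    # hook creating a different directory. `quote` shell-escapes the value.
    # NOTE(review): confirm the certbot invocation uses the same variable.
    content: |
      #!/usr/bin/env bash
      CERTBOT_DOCROOT={{ letsencrypt_webroot | quote }}
      mkdir -p "$CERTBOT_DOCROOT"
      chmod 755 "$CERTBOT_DOCROOT"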
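# Directory holding certbot's deploy hook scripts.
- name: create deploy hook directory
  ansible.builtin.file:
    path: /etc/letsencrypt/renewal-hooks/deploy
    state: directory
    # Scripts placed here are executed by certbot, normally as root. Pin
    # ownership explicitly: without owner/group the module leaves the
    # ownership of an already existing directory untouched, so a non-root
    # owner would keep the ability to drop scripts into it.
    owner: root
    group: root
    mode: "755"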
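# Deploy hook: reload nginx so it serves the newly issued certificate.
- name: create deploy hook script
  ansible.builtin.copy:
    dest: /etc/letsencrypt/renewal-hooks/deploy/nginx
    # The hook is run by certbot, normally as root. Set owner/group
    # explicitly so a pre-existing file owned by another account does not
    # stay writable by that account.
    owner: root
    group: root
    mode: "0755"
    content: |
      #!/usr/bin/env bash
      systemctl reload nginx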
- name: test generate certificates
when: