xoxys.certbot/tasks/install.yml

---
- name: Create certbot user '{{ certbot_user }}'
  user:
    name: "{{ certbot_user }}"
  become: True
  become_user: root
  when: not certbot_user == 'root'

- block:
    - name: Upgrade python dependencies
      pip:
        name: "{{ item }}"
        virtualenv: "{{ certbot_virtualenv }}"
        virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"
        extra_args: --upgrade
      loop:
        - pip
        - setuptools

    - name: Install dependencies
      pip:
        name: "{{ item }}"
        virtualenv: "{{ certbot_virtualenv }}"
        virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"
      environment:
        TMPDIR: /opt/python3/tmp
      loop: "{{ certbot_packages_extra }}"

    - name: Install certbot
      pip:
        name: "{{ item }}"
        virtualenv: "{{ certbot_virtualenv }}"
        virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"
      loop: "{{ __certbot_packages }}"

    - name: Adjust file permissions
      file:
        name: "{{ certbot_virtualenv }}"
        recurse: True
        mode: u+rwX,go+rX,go-w
        state: directory

    - name: Make certbot binaries executable
      file:
        name: "{{ certbot_virtualenv }}/bin/{{ item }}"
        mode: 0755
      loop: "{{ __certbot_binaries }}"

    - name: Deploy certbot bin wrappers
      template:
        src: usr/local/bin/certbot-wrapper.j2
        dest: "/usr/local/bin/{{ item }}"
        owner: root
        group: root
        mode: 0755
      loop: "{{ __certbot_binaries }}"
  become: True
  become_user: root

- block:
    - name: Create certbot environment
      file:
        path: "{{ item.name }}"
        state: directory
        mode: "{{ item.mode }}"
      loop: "{{ __certbot_environment }}"
      loop_control:
        label: "{{ item.name }}"

    - name: Deploy config file
      template:
        src: config/cli.ini.j2
        dest: "{{ certbot_config_dir }}/cli.ini"
        mode: 0640

    - name: Deploy credentials file
      template:
        src: config/credentials.ini.j2
        dest: "{{ certbot_config_dir }}/credentials.ini"
        mode: 0600
      when: certbot_credentials | default([]) | length > 0

    - name: Schedule certbot run
      cron:
        name: "Certbot automatic renewal: {{ item.name }}"
        minute: "{{ certbot_cron_minute }}"
        hour: "{{ certbot_cron_hour }}"
        user: "{{ certbot_cron_user | default(certbot_user) }}"
        job: >
          {{ certbot_bin | default(__certbot_bin) }}
          --config-dir {{ certbot_config_dir }}
          --work-dir {{ certbot_work_dir }}
          --logs-dir {{ certbot_log_dir }}
          --max-log-backups {{ certbot_max_log_backups }}
          {{ certbot_command_arguments | join(' ') }}
          -n -d {{ item.domains | join(',') }}
        cron_file: "{{ certbot_cron_file | default(omit) }}"
      loop: "{{ certbot_domain_groups }}"
      loop_control:
        label: "{{ item.name }}"
      when: certbot_cron_enabled
  become: True
  become_user: "{{ certbot_user }}"
optionally create user and setup directories 2018-06-22 21:18:48 +02:00			`---`
use pip to install certbot into user environemnt 2020-04-20 23:21:54 +02:00			`- name: Create certbot user '{{ certbot_user }}'`
			`user:`
			`name: "{{ certbot_user }}"`
add missing epel dependency 2019-09-18 16:37:54 +02:00			`become: True`
			`become_user: root`
use pip to install certbot into user environemnt 2020-04-20 23:21:54 +02:00			`when: not certbot_user == 'root'`
optionally create user and setup directories 2018-06-22 21:18:48 +02:00
add missing epel dependency 2019-09-18 16:37:54 +02:00			`- block:`
use venv to install certbot 2021-04-17 12:20:07 +02:00			`- name: Upgrade python dependencies`
			`pip:`
			`name: "{{ item }}"`
feat: add option to customize virtualenv 2021-06-12 17:43:27 +02:00			`virtualenv: "{{ certbot_virtualenv }}"`
			`virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"`
use venv to install certbot 2021-04-17 12:20:07 +02:00			`extra_args: --upgrade`
			`loop:`
			`- pip`
			`- setuptools`

install aways latest dependencies 2020-05-10 17:05:23 +02:00			`- name: Install dependencies`
			`pip:`
			`name: "{{ item }}"`
feat: add option to customize virtualenv 2021-06-12 17:43:27 +02:00			`virtualenv: "{{ certbot_virtualenv }}"`
			`virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"`
use venv to install certbot 2021-04-17 12:20:07 +02:00			`environment:`
			`TMPDIR: /opt/python3/tmp`
install aways latest dependencies 2020-05-10 17:05:23 +02:00			`loop: "{{ certbot_packages_extra }}"`

use venv to install certbot 2021-04-17 12:20:07 +02:00			`- name: Install certbot`
fix indentation 2020-04-20 23:25:13 +02:00			`pip:`
			`name: "{{ item }}"`
feat: add option to customize virtualenv 2021-06-12 17:43:27 +02:00			`virtualenv: "{{ certbot_virtualenv }}"`
			`virtualenv_command: "{{ certbot_virtualenv_command }} -m venv"`
install aways latest dependencies 2020-05-10 17:05:23 +02:00			`loop: "{{ __certbot_packages }}"`
use pip to install certbot into user environemnt 2020-04-20 23:21:54 +02:00
use venv to install certbot 2021-04-17 12:20:07 +02:00			`- name: Adjust file permissions`
			`file:`
feat: add option to customize virtualenv 2021-06-12 17:43:27 +02:00			`name: "{{ certbot_virtualenv }}"`
use venv to install certbot 2021-04-17 12:20:07 +02:00			`recurse: True`
			`mode: u+rwX,go+rX,go-w`
			`state: directory`

			`- name: Make certbot binaries executable`
			`file:`
feat: add option to customize virtualenv 2021-06-12 17:43:27 +02:00			`name: "{{ certbot_virtualenv }}/bin/{{ item }}"`
use venv to install certbot 2021-04-17 12:20:07 +02:00			`mode: 0755`
			`loop: "{{ __certbot_binaries }}"`

			`- name: Deploy certbot bin wrappers`
			`template:`
			`src: usr/local/bin/certbot-wrapper.j2`
			`dest: "/usr/local/bin/{{ item }}"`
			`owner: root`
			`group: root`
			`mode: 0755`
			`loop: "{{ __certbot_binaries }}"`
			`become: True`
			`become_user: root`

			`- block:`
optionally create user and setup directories 2018-06-22 21:18:48 +02:00			`- name: Create certbot environment`
add mode per directory option 2018-06-22 21:39:52 +02:00			`file:`
			`path: "{{ item.name }}"`
optionally create user and setup directories 2018-06-22 21:18:48 +02:00			`state: directory`
add mode per directory option 2018-06-22 21:39:52 +02:00			`mode: "{{ item.mode }}"`
fix variable name 2020-04-19 23:37:59 +02:00			`loop: "{{ __certbot_environment }}"`
add loop control 2018-06-22 21:45:25 +02:00			`loop_control:`
			`label: "{{ item.name }}"`
optionally create user and setup directories 2018-06-22 21:18:48 +02:00
			`- name: Deploy config file`
			`template:`
fix typo in template path 2018-06-22 21:59:02 +02:00			`src: config/cli.ini.j2`
fix typo in template dest 2018-06-22 22:50:24 +02:00			`dest: "{{ certbot_config_dir }}/cli.ini"`
fix: solve linting issues 2021-02-06 15:15:59 +01:00			`mode: 0640`
create cron 2018-06-22 23:16:49 +02:00
refator role 2020-04-19 23:27:41 +02:00			`- name: Deploy credentials file`
			`template:`
			`src: config/credentials.ini.j2`
			`dest: "{{ certbot_config_dir }}/credentials.ini"`
fix credentials permission file 2020-04-21 00:25:08 +02:00			`mode: 0600`
fix ansible warnings 2020-04-20 23:39:41 +02:00			`when: certbot_credentials \| default([]) \| length > 0`
refator role 2020-04-19 23:27:41 +02:00
create cron 2018-06-22 23:16:49 +02:00			`- name: Schedule certbot run`
			`cron:`
allow to control multiple cert groups 2020-05-22 22:21:55 +02:00			`name: "Certbot automatic renewal: {{ item.name }}"`
refator role 2020-04-19 23:27:41 +02:00			`minute: "{{ certbot_cron_minute }}"`
			`hour: "{{ certbot_cron_hour }}"`
			`user: "{{ certbot_cron_user \| default(certbot_user) }}"`
other fix 2018-06-26 21:09:16 +02:00			`job: >`
add absolut path for certbot 2020-04-21 00:10:25 +02:00			`{{ certbot_bin \| default(__certbot_bin) }}`
add missing dirs to certbot command 2018-06-23 18:37:26 +02:00			`--config-dir {{ certbot_config_dir }}`
			`--work-dir {{ certbot_work_dir }}`
			`--logs-dir {{ certbot_log_dir }}`
feat: add certbot_max_log_backups 2021-06-04 08:45:03 +02:00			`--max-log-backups {{ certbot_max_log_backups }}`
fix multiline commands 2018-06-26 21:11:52 +02:00			`{{ certbot_command_arguments \| join(' ') }}`
allow to control multiple cert groups 2020-05-22 22:21:55 +02:00			`-n -d {{ item.domains \| join(',') }}`
refator role 2020-04-19 23:27:41 +02:00			`cron_file: "{{ certbot_cron_file \| default(omit) }}"`
allow to control multiple cert groups 2020-05-22 22:21:55 +02:00			`loop: "{{ certbot_domain_groups }}"`
			`loop_control:`
			`label: "{{ item.name }}"`
rename cron related variables 2020-04-20 22:47:48 +02:00			`when: certbot_cron_enabled`
optionally create user and setup directories 2018-06-22 21:18:48 +02:00			`become: True`
			`become_user: "{{ certbot_user }}"`