---
# Make sure the dedicated account that later runs certbot exists. Only `name`
# is passed, so home directory, shell and groups come from the user module's
# defaults. Nothing to do when certbot is configured to run as root.
- name: "Create certbot user '{{ certbot_user }}'"
  user:
    name: "{{ certbot_user }}"
  when: certbot_user != 'root'
  become: true
  become_user: root
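# Build the certbot virtualenv under /opt/python3/certbot and expose its
# entry points through wrappers in /usr/local/bin.
- block:
    # Bring the packaging tools inside the virtualenv up to date first.
    # No versions are pinned: each run installs whatever the configured
    # package index currently serves, and it does so as root.
    - name: Upgrade python dependencies
      pip:
        name: "{{ item }}"
        virtualenv: /opt/python3/certbot
        virtualenv_command: /usr/bin/python3 -m venv
        extra_args: "--upgrade"
      loop:
        - pip
        - setuptools

    # Extra packages requested through certbot_packages_extra.
    - name: Install dependencies
      pip:
        name: "{{ item }}"
        virtualenv: /opt/python3/certbot
        virtualenv_command: /usr/bin/python3 -m venv
      environment:
        # pip does its temporary work here instead of the default temp dir.
        # NOTE(review): this directory is not created anywhere in this
        # listing; confirm it exists and is writable by root only, since
        # package builds run in it with root privileges.
        TMPDIR: /opt/python3/tmp
      loop: "{{ certbot_packages_extra }}"

    # NOTE(review): whether __certbot_packages carries version pins is not
    # visible here; unpinned names mean the installed certbot can change
    # between runs.
    - name: Install certbot
      pip:
        name: "{{ item }}"
        virtualenv: /opt/python3/certbot
        virtualenv_command: /usr/bin/python3 -m venv
      loop: "{{ __certbot_packages }}"

    # Owner keeps full access, group/other get read (and traverse/execute
    # where already applicable) and lose write. This keeps the virtualenv
    # usable by the unprivileged certbot account without letting it modify
    # the code it executes.
    - name: Adjust file permissions
      file:
        path: /opt/python3/certbot
        recurse: true
        mode: "u+rwX,go+rX,go-w"
        state: directory

    # Octal modes are quoted so the module receives the string and the
    # result does not depend on the YAML parser's octal handling.
    - name: Make certbot binaries executable
      file:
        path: "/opt/python3/certbot/bin/{{ item }}"
        mode: "0755"
      loop: "{{ __certbot_binaries }}"

    # Root-owned wrappers that are world-executable but not world-writable.
    - name: Deploy certbot bin wrappers
      template:
        src: usr/local/bin/certbot-wrapper.j2
        dest: "/usr/local/bin/{{ item }}"
        owner: root
        group: root
        mode: "0755"
      loop: "{{ __certbot_binaries }}"
  # NOTE(review): the listing this was taken from had lost its indentation;
  # become is read as block-level (every task above runs as root). Confirm
  # against the repository copy.
  become: true
  become_user: root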
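# Per-user certbot setup: working directories, configuration, credentials
# and the renewal cron entries.
- block:
    # Each entry of __certbot_environment supplies a directory path and the
    # mode to create it with.
    - name: Create certbot environment
      file:
        path: "{{ item.name }}"
        state: directory
        mode: "{{ item.mode }}"
      loop: "{{ __certbot_environment }}"
      loop_control:
        label: "{{ item.name }}"

    # Octal modes are quoted so the module receives the string and the
    # result does not depend on the YAML parser's octal handling.
    - name: Deploy config file
      template:
        src: config/cli.ini.j2
        dest: "{{ certbot_config_dir }}/cli.ini"
        mode: "0640"

    # Secrets file: readable by its owner only. Diff output is disabled so
    # a run with --diff does not print the rendered credentials to the
    # console or to logs.
    - name: Deploy credentials file
      template:
        src: config/credentials.ini.j2
        dest: "{{ certbot_config_dir }}/credentials.ini"
        mode: "0600"
      diff: false
      when: certbot_credentials | default([]) | length > 0

    # One cron entry per domain group.
    # Every variable in `job` is substituted verbatim into a crontab line
    # that cron passes to a shell; nothing is quoted, so paths, extra
    # arguments and domain names (including wildcard names) must come from
    # trusted inventory and must not rely on spaces or shell metacharacters
    # being preserved.
    # NOTE(review): the task runs as certbot_user (block-level become).
    # Setting certbot_cron_user to another account, or setting
    # certbot_cron_file, normally needs root; confirm that combination.
    - name: Schedule certbot run
      cron:
        name: "Certbot automatic renewal: {{ item.name }}"
        minute: "{{ certbot_cron_minute }}"
        hour: "{{ certbot_cron_hour }}"
        user: "{{ certbot_cron_user | default(certbot_user) }}"
        job: >
          {{ certbot_bin | default(__certbot_bin) }}
          --config-dir {{ certbot_config_dir }}
          --work-dir {{ certbot_work_dir }}
          --logs-dir {{ certbot_log_dir }}
          --max-log-backups {{ certbot_max_log_backups }}
          {{ certbot_command_arguments | join(' ') }}
          -n -d {{ item.domains | join(',') }}
        cron_file: "{{ certbot_cron_file | default(omit) }}"
      loop: "{{ certbot_domain_groups }}"
      loop_control:
        label: "{{ item.name }}"
      when: certbot_cron_enabled
  # NOTE(review): the listing this was taken from had lost its indentation;
  # become is read as block-level, so the files above are created and owned
  # by certbot_user rather than root. Confirm against the repository copy.
  become: true
  become_user: "{{ certbot_user }}"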