xoxys.certbot/tasks/install.yml
Robert Kaussow 3d538bfb70
All checks were successful
continuous-integration/drone/push Build is passing
fix credentials permission file
2020-04-21 00:25:08 +02:00

54 lines
1.6 KiB
YAML

---
- name: Create certbot user '{{ certbot_user }}'
user:
name: "{{ certbot_user }}"
become: True
become_user: root
when: not certbot_user == 'root'
- block:
- name: Install certbot with pip
pip:
name: "{{ item }}"
executable: pip3
extra_args: --user
loop: "{{ certbot_packages_extra + __certbot_packages }}"
- name: Create certbot environment
file:
path: "{{ item.name }}"
state: directory
mode: "{{ item.mode }}"
loop: "{{ __certbot_environment }}"
loop_control:
label: "{{ item.name }}"
- name: Deploy config file
template:
src: config/cli.ini.j2
dest: "{{ certbot_config_dir }}/cli.ini"
- name: Deploy credentials file
template:
src: config/credentials.ini.j2
dest: "{{ certbot_config_dir }}/credentials.ini"
mode: 0600
when: certbot_credentials | default([]) | length > 0
- name: Schedule certbot run
cron:
name: Certbot automatic renewal
minute: "{{ certbot_cron_minute }}"
hour: "{{ certbot_cron_hour }}"
user: "{{ certbot_cron_user | default(certbot_user) }}"
job: >
{{ certbot_bin | default(__certbot_bin) }}
--config-dir {{ certbot_config_dir }}
--work-dir {{ certbot_work_dir }}
--logs-dir {{ certbot_log_dir }}
{{ certbot_command_arguments | join(' ') }}
cron_file: "{{ certbot_cron_file | default(omit) }}"
when: certbot_cron_enabled
become: True
become_user: "{{ certbot_user }}"