add cron and key type config options
This commit is contained in:
parent
29e9b7fb98
commit
5d579f3fd3
@ -6,6 +6,8 @@ lego_acme_account__email: ""
|
||||
|
||||
lego_cloudflare_api_token: ""
|
||||
|
||||
lego_key_type: "ec256"
|
||||
|
||||
# @var lego_certificates:example:
|
||||
# lego_certificates:
|
||||
# - domains:
|
||||
@ -14,3 +16,7 @@ lego_cloudflare_api_token: ""
|
||||
# skip_create: False
|
||||
# @end
|
||||
lego_certificates: []
|
||||
|
||||
lego_cron_enabled: True
|
||||
lego_cron_minute: "0"
|
||||
lego_cron_hour: "2"
|
||||
|
@ -26,7 +26,12 @@
|
||||
recurse: True
|
||||
|
||||
- name: Obtain certificates for domains
|
||||
ansible.builtin.command: '{{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ " --domains ".join(item.domains) }} --dns="cloudflare" run'
|
||||
ansible.builtin.command: >-
|
||||
{{ __lego_bin_file }} run
|
||||
--email="{{ lego_acme_account_email }}"
|
||||
--domains {{ " --domains ".join(item.domains) }}
|
||||
--key-type="{{ lego_key_type }}"
|
||||
--dns="cloudflare"
|
||||
args:
|
||||
creates: "{{ __lego_base_dir }}/.lego/certificates/{{ item.domains[0] }}.crt"
|
||||
environment:
|
||||
@ -49,6 +54,7 @@
|
||||
name: "lego-renew"
|
||||
cron_file: "lego-renew"
|
||||
job: "{{ __lego_base_dir }}/bin/cron_lego_renew.sh >> {{ __lego_base_dir }}/cron_lego_renew.log 2>&1"
|
||||
hour: 2
|
||||
minute: 5
|
||||
hour: "{{ lego_cron_hour }}"
|
||||
minute: "{{ lego_cron_minute }}"
|
||||
user: root
|
||||
state: "{{ 'present' if lego_cron_enabled | bool else 'absent' }}"
|
||||
|
@ -4,11 +4,10 @@
|
||||
|
||||
export LEGO_SERVER="{{ lego_acme_server }}/directory"
|
||||
export LEGO_PATH="{{ __lego_base_dir }}/.lego"
|
||||
|
||||
export CLOUDFLARE_API_TOKEN="{{ lego_cloudflare_api_token }}"
|
||||
|
||||
{% for cert in lego_certificates %}
|
||||
echo "$(date) checking for cert update for {{ ', '.join(cert.domains) }}."
|
||||
{{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ ' --domains '.join(cert.domains) }} --dns="cloudflare" renew --days 30
|
||||
{{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ ' --domains '.join(cert.domains) }} --key-type="{{ lego_key_type }}" --dns="cloudflare" renew --days 30
|
||||
|
||||
{% endfor %}
|
||||
|
Loading…
Reference in New Issue
Block a user