ansible/xoxys.lego
0
0
Fork 0
Code Issues Pull Requests Releases Activity

add cron and key type config options
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
Details
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/push/docs Pipeline was successful
Details
ci/woodpecker/push/notify Pipeline was successful
Details

Browse Source
This commit is contained in:
Robert Kaussow 2024-09-27 21:37:17 +02:00
parent 29e9b7fb98
commit 5d579f3fd3
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
3 changed files with 16 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
defaults/main.yml
View File

@ -6,6 +6,8 @@ lego_acme_account__email: ""
lego_cloudflare_api_token: "" lego_cloudflare_api_token: ""
lego_key_type: "ec256"
# @var lego_certificates:example: # @var lego_certificates:example:
# lego_certificates: # lego_certificates:
# - domains: # - domains:
@ -14,3 +16,7 @@ lego_cloudflare_api_token: ""
# skip_create: False # skip_create: False
# @end # @end
lego_certificates: [] lego_certificates: []
lego_cron_enabled: True
lego_cron_minute: "0"
lego_cron_hour: "2"

12
tasks/main.yml
View File

@ -26,7 +26,12 @@
recurse: True recurse: True
- name: Obtain certificates for domains - name: Obtain certificates for domains
ansible.builtin.command: '{{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ " --domains ".join(item.domains) }} --dns="cloudflare" run' ansible.builtin.command: >-
{{ __lego_bin_file }} run
--email="{{ lego_acme_account_email }}"
--domains {{ " --domains ".join(item.domains) }}
--key-type="{{ lego_key_type }}"
--dns="cloudflare"
args: args:
creates: "{{ __lego_base_dir }}/.lego/certificates/{{ item.domains[0] }}.crt" creates: "{{ __lego_base_dir }}/.lego/certificates/{{ item.domains[0] }}.crt"
environment: environment:
@ -49,6 +54,7 @@
name: "lego-renew" name: "lego-renew"
cron_file: "lego-renew" cron_file: "lego-renew"
job: "{{ __lego_base_dir }}/bin/cron_lego_renew.sh >> {{ __lego_base_dir }}/cron_lego_renew.log 2>&1" job: "{{ __lego_base_dir }}/bin/cron_lego_renew.sh >> {{ __lego_base_dir }}/cron_lego_renew.log 2>&1"
hour: 2 hour: "{{ lego_cron_hour }}"
minute: 5 minute: "{{ lego_cron_minute }}"
user: root user: root
state: "{{ 'present' if lego_cron_enabled | bool else 'absent' }}"

3
templates/cron_lego_renew.sh.j2
View File

@ -4,11 +4,10 @@
export LEGO_SERVER="{{ lego_acme_server }}/directory" export LEGO_SERVER="{{ lego_acme_server }}/directory"
export LEGO_PATH="{{ __lego_base_dir }}/.lego" export LEGO_PATH="{{ __lego_base_dir }}/.lego"
export CLOUDFLARE_API_TOKEN="{{ lego_cloudflare_api_token }}" export CLOUDFLARE_API_TOKEN="{{ lego_cloudflare_api_token }}"
{% for cert in lego_certificates %} {% for cert in lego_certificates %}
echo "$(date) checking for cert update for {{ ', '.join(cert.domains) }}." echo "$(date) checking for cert update for {{ ', '.join(cert.domains) }}."
{{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ ' --domains '.join(cert.domains) }} --dns="cloudflare" renew --days 30 {{ __lego_bin_file }} --email="{{ lego_acme_account_email }}" --domains {{ ' --domains '.join(cert.domains) }} --key-type="{{ lego_key_type }}" --dns="cloudflare" renew --days 30
{% endfor %} {% endfor %}