3aad4e7398
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
---
# Install certbot and its nginx plugin from APT, refreshing the package index
# first. The result is registered so the task can be retried (up to 3 times)
# until the module reports success, so a transient APT failure does not abort
# the play on the first attempt.
- name: Install basic APT packages
  register: pkg_result
  until: pkg_result is succeeded
  retries: 3
  apt:
    name:
      - certbot
      - python3-certbot-nginx
    update_cache: true
# Probe for an existing certificate for the configured server name. The stat
# result is consumed by the certbot task further down through
# letsencrypt_cert.stat.exists, so a certificate is only requested once.
- name: Check if certificate already exists.
  register: letsencrypt_cert
  stat:
    path: "/etc/letsencrypt/live/{{ note.server_name }}/cert.pem"
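# Create the directory that holds the certbot configuration file.
# Ownership and mode are stated explicitly so the result does not depend on
# the umask of the connecting user: only root may add or change files here,
# since certbot is later run against a config file read from this directory.
- name: Create /etc/letsencrypt/conf.d
  file:
    path: /etc/letsencrypt/conf.d
    state: directory
    owner: root
    group: root
    mode: "0755"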
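# Render the certbot configuration used by the certificate request below.
# The mode is quoted: an unquoted 0644 is read as an octal integer by YAML 1.1
# loaders and as the decimal number 644 by YAML 1.2 loaders, so the quoted
# string is the only form that means the same permissions everywhere.
# NOTE(review): 0644 makes the rendered file world-readable; the template is
# not visible here, so confirm it carries no credentials or account secrets.
- name: Add Certbot configuration
  template:
    src: "letsencrypt/conf.d/nk20.ini.j2"
    dest: "/etc/letsencrypt/conf.d/nk20.ini"
    mode: "0644"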
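# Stop nginx before certbot runs.
# The stop is gated on the same condition as the certbot task: without it,
# nginx was taken down on every run of the role, including runs where the
# certificate already exists and certbot is skipped.
# NOTE(review): presumably certbot needs the HTTP port for its challenge; the
# authenticator is set in nk20.ini, which is not visible here, so confirm.
- name: Stop services to allow certbot to generate a cert.
  service:
    name: nginx
    state: stopped
  when: not letsencrypt_cert.stat.exists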
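# Request a certificate for the configured server name, only when the earlier
# stat task found no existing cert.pem.
# The command is passed as an argv list to the command module instead of a
# single string to the shell module: no shell parses the line, so the value of
# note.server_name always reaches certbot as exactly one argument to -d and
# cannot add options or extra commands if it contains spaces or metacharacters.
- name: Generate new certificate if one doesn't exist.
  command:
    argv:
      - certbot
      - certonly
      - '--non-interactive'
      - '--agree-tos'
      - '--config'
      - /etc/letsencrypt/conf.d/nk20.ini
      - '-d'
      - "{{ note.server_name }}"
  when: not letsencrypt_cert.stat.exists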
# Bring nginx back up once the certificate step is over. Despite the task
# name, this only ensures the service is started; it is a no-op when nginx is
# already running.
# NOTE(review): with default error handling a failed certbot task ends the
# play for the host before this task runs, which would leave nginx stopped;
# wrapping the stop/generate/start sequence in a block with an always section
# would guarantee the service comes back.
- name: Restart services to allow certbot to generate a cert.
  service:
    state: started
    name: nginx