More cert fixes.
---
- name: apt install dns cloudflare
become: yes
apt: name="python3-certbot-dns-cloudflare"
- name: configure cloudflare credentials
become: yes
template:
src: "cred.conf.j2"
dest: "/etc/letsencrypt/cred.conf"
mode: "0600"
owner: "root"
group: "root"
# - name: make renewal dir
# become: yes
# file:
# path: "/etc/letsencrypt/renewal/"
# state: "directory"
## I dont think this is needed anymore. I think it get's installed automatically now.
# - name: configure renewal
# become: yes
# template:
# src: "letsencrypt.conf.j2"
# dest: "/etc/letsencrypt/renewal/{{certbot_dns_cloudflare_domain}}.conf"
# mode: "0644"
# owner: "root"
# group: "root"
- name: check if cert exists
become: yes
stat: path="/etc/letsencrypt/live/{{certbot_dns_cloudflare_domain}}/cert.pem"
register: cert
- name: run certbot
become: yes
command: "certbot certonly -n --agree-tos --email {{certbot_dns_cloudflare_email}} --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cred.conf --cert-name {{certbot_dns_cloudflare_domain}} -d {{certbot_dns_cloudflare_domain}} -d \"*.{{certbot_dns_cloudflare_domain}}\""
when: not cert.stat.exists
changed_when: false