Mercurial Mercurial > ansible-roles / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
certbot-dns-cloudflare/tasks/main.yaml
author Luke Hoersten <luke@hoersten.org>
Mon, 12 Feb 2024 17:29:16 -0600
changeset 232 a447e60bd3e9
parent 227 2e0366f2dcbe
permissions -rw-r--r--
Version updates

---

- name: apt install dns cloudflare
  become: yes
  apt: name="python3-certbot-dns-cloudflare"

- name: configure cloudflare credentials
  become: yes
  template:
    src: "cred.conf.j2"
    dest: "/etc/letsencrypt/cred.conf"
    mode: "0600"
    owner: "root"
    group: "root"

- name: make renewal dir
  become: yes
  file:
    path: "/etc/letsencrypt/renewal/"
    state: "directory"

- name: configure renewal
  become: yes
  template:
    src: "{{certbot_dns_cloudflare_conf}}"
    dest: "/etc/letsencrypt/renewal/{{certbot_dns_cloudflare_domain}}.conf"
    mode: "0644"
    owner: "root"
    group: "root"

- name: check if cert exists
  become: yes
  stat: path="/etc/letsencrypt/live/{{certbot_dns_cloudflare_domain}}-0001/cert.pem"
  register: cert

- name: run certbot
  become: yes
  command: "certbot certonly -n --agree-tos --email {{certbot_dns_cloudflare_email}} --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cred.conf -d {{certbot_dns_cloudflare_domain}} -d \"*.{{certbot_dns_cloudflare_domain}}\""
  when: not cert.stat.exists
  changed_when: false
ansible-roles