Added certbot dns cloudflare role. Useful for when ISP blocks port 80.

2 files changed, 25 insertions, 0 deletions

diff --git a/certbot-dns-cloudflare/tasks/main.yaml b/certbot-dns-cloudflare/tasks/main.yaml
new file mode 100644
index 0000000..b80e554
--- /dev/null
+++ b/certbot-dns-cloudflare/tasks/main.yaml
@@ -0,0 +1,23 @@
+---
+
+- name: apt install dns cloudflare
+  become: yes
+  apt: name="python3-certbot-dns-cloudflare"
+
+- name: configure cloudflare credentials
+  become: yes
+  template:
+    src: "cred.conf.j2"
+    dest: "/etc/letsencrypt/cred.conf"
+    mode: "0600"
+    owner: "root"
+    group: "root"
+
+- name: configure renewal
+  become: yes
+  template:
+    src: "{{certbot_dns_cloudflare_conf}}"
+    dest: "/etc/letsencrypt/renewal/{{certbot_dns_cloudflare_domain}}.conf"
+    mode: "0644"
+    owner: "root"
+    group: "root"
diff --git a/certbot-dns-cloudflare/templates/cred.conf.j2 b/certbot-dns-cloudflare/templates/cred.conf.j2
new file mode 100644
index 0000000..73db188
--- /dev/null
+++ b/certbot-dns-cloudflare/templates/cred.conf.j2
@@ -0,0 +1,2 @@
+dns_cloudflare_email = {{certbot_dns_cloudflare_email}}
+dns_cloudflare_api_key = {{certbot_dns_cloudflare_api_key}}