Added certbot and cloudflare support.

2 files changed, 5 insertions, 3 deletions

diff --git a/roles/nginx/defaults/main.yaml b/roles/nginx/defaults/main.yaml
index 8d65d55..c0db79d 100644
--- a/roles/nginx/defaults/main.yaml
+++ b/roles/nginx/defaults/main.yaml
@@ -2,7 +2,9 @@
 
 nginx_port: 80
 nginx_ssl_port: 443
-nginx_enable_ssl: No
+nginx_ssl_cert: "/etc/letsencrypt/live/{{nginx_server_name}}/fullchain.pem"
+nginx_ssl_privkey: "/etc/letsencrypt/live/{{nginx_server_name}}/privkey.pem"
+nginx_enable_certbot: No
 nginx_server_name: "{{ansible_host}}"
 nginx_conf_dst: "{{nginx_server_name}}.nginx.conf"
 nginx_admin_email: "admin@{{nginx_server_name}}"
diff --git a/roles/nginx/tasks/main.yaml b/roles/nginx/tasks/main.yaml
index e255410..74c6d7e 100644
--- a/roles/nginx/tasks/main.yaml
+++ b/roles/nginx/tasks/main.yaml
@@ -13,13 +13,13 @@
   become: yes
   apt: name="python-certbot-nginx"
   notify: restart nginx
-  when: nginx_enable_ssl
+  when: nginx_enable_certbot
 
 - name: install certbot in nginx
   become: yes
   command: "certbot certonly --nginx -n --agree-tos -d {{nginx_server_name}} -m {{nginx_admin_email}}"
   notify: restart nginx
-  when: nginx_enable_ssl
+  when: nginx_enable_certbot
 
 - name: disable default site
   become: yes