common/tasks/certbot/install.yml
2020-02-10 10:41:05 +05:00

36 lines
901 B
YAML

---
- name: Install Certbot
apt:
name: certbot
- name: Create directory for Let's Encrypt configuration
file:
state: directory
path: '{{ common__certbot__conf_dir }}'
mode: 'u=rwx,g=rx,o=rx'
owner: root
group: root
- name: Install Let's Encrypt config
template:
src: templates/certbot/cli.ini
dest: '{{ common__certbot__conf_cli }}'
mode: 'u=rw,g=r,o=r'
owner: root
group: root
- name: Install Nginx SSL options
template:
src: templates/certbot/options-ssl-nginx.conf
dest: '{{ common__certbot__conf_nginx }}'
mode: 'u=rw,g=r,o=r'
owner: root
group: root
- name: Obtain Let's Encrypt certificate
command: 'certbot certonly'
register: common__certbot__result
when: common__certbot__run|bool
changed_when: >-
common__certbot__result.stdout is
not search('Certificate not yet due for renewal; no action taken.')