roles: use fully qualified module names
This commit is contained in:
@ -4,12 +4,12 @@
|
||||
# snap now.
|
||||
- block:
|
||||
- name: Remove certbot
|
||||
apt:
|
||||
ansible.builtin.apt:
|
||||
name: certbot
|
||||
state: absent
|
||||
|
||||
- name: Remove old certbot post and pre hooks for nginx
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
dest: "{{ item }}"
|
||||
state: absent
|
||||
with_items:
|
||||
@ -17,12 +17,12 @@
|
||||
- /etc/letsencrypt/renewal-hooks/post/start-nginx.sh
|
||||
|
||||
- name: Check if acme.sh is installed
|
||||
stat:
|
||||
ansible.builtin.stat:
|
||||
path: "{{ letsencrypt_acme_home }}"
|
||||
register: acme_home
|
||||
|
||||
- name: Download acme.sh
|
||||
get_url:
|
||||
ansible.builtin.get_url:
|
||||
url: https://raw.githubusercontent.com/acmesh-official/acme.sh/master/acme.sh
|
||||
dest: "{{ letsencrypt_acme_script_temp }}"
|
||||
mode: 0700
|
||||
@ -41,7 +41,7 @@
|
||||
when: acme_download is changed
|
||||
|
||||
- name: Remove temporary acme.sh script
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
dest: "{{ letsencrypt_acme_script_temp }}"
|
||||
state: absent
|
||||
when: acme_install.rc is defined and acme_install.rc == 0
|
||||
@ -51,7 +51,7 @@
|
||||
cmd: "{{ letsencrypt_acme_home }}/acme.sh --set-default-ca --server letsencrypt"
|
||||
|
||||
- name: Prepare Let's Encrypt well-known directory
|
||||
file:
|
||||
ansible.builtin.file:
|
||||
state: directory
|
||||
path: /var/lib/letsencrypt/.well-known
|
||||
owner: root
|
||||
@ -59,7 +59,7 @@
|
||||
mode: g+s
|
||||
|
||||
- name: Copy systemd service to renew Let's Encrypt certs
|
||||
template:
|
||||
ansible.builtin.template:
|
||||
src: renew-letsencrypt.service.j2
|
||||
dest: /etc/systemd/system/renew-letsencrypt.service
|
||||
mode: 0644
|
||||
@ -67,7 +67,7 @@
|
||||
group: root
|
||||
|
||||
- name: Copy systemd timer to renew Let's Encrypt certs
|
||||
copy:
|
||||
ansible.builtin.copy:
|
||||
src: renew-letsencrypt.timer
|
||||
dest: /etc/systemd/system/renew-letsencrypt.timer
|
||||
mode: 0644
|
||||
@ -76,7 +76,7 @@
|
||||
|
||||
# always issues daemon-reload just in case the service/timer changed
|
||||
- name: Start and enable systemd timer to renew Let's Encrypt certs
|
||||
systemd:
|
||||
ansible.builtin.systemd:
|
||||
name: renew-letsencrypt.timer
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
Reference in New Issue
Block a user