ansible-personal/roles/nginx/tasks/letsencrypt.yml
Alan Orth 57120308dc
Update with_items loops to use new-ish "loop" keyword
Ansible 2.4 and 2.5 are moving away from specialized loop functions
and the old syntax will eventually be deprecated and removed. I did
not change the with_fileglob loops because I'm not sure about their
syntax yet.

See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
2018-04-02 15:52:51 +03:00

114 lines
2.7 KiB
YAML

---
- name: Copy systemd service to renew Let's Encrypt certs
template: src=renew-letsencrypt.service.j2 dest=/etc/systemd/system/renew-letsencrypt.service mode=0644 owner=root group=root
- name: Copy systemd timer to renew Let's Encrypt certs
copy: src=renew-letsencrypt.timer dest=/etc/systemd/system/renew-letsencrypt.timer mode=0644 owner=root group=root
# always issues daemon-reload just in case the server/timer changed
- name: Start and enable systemd timer to renew Let's Encrypt certs
systemd: name=renew-letsencrypt.timer state=started enabled=yes daemon_reload=yes
- name: Download certbot
get_url: dest={{ letsencrypt_certbot_dest }} url=https://dl.eff.org/certbot-auto mode=700
# dependencies certbot checks for on its first run
# taken from running certbot right after a clean Ubuntu 16.04 install
- name: Install certbot dependencies (Ubuntu 16.04)
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('16.04', '==')
apt: name={{ item }} state=present update_cache=yes
loop:
- augeas-doc
- augeas-tools
- binutils
- cpp
- cpp-5
- dialog
- gcc
- gcc-5
- libasan2
- libatomic1
- libcc1-0
- libcilkrts5
- libexpat1-dev
- libffi-dev
- libgcc-5-dev
- libgomp1
- libisl15
- libitm1
- liblsan0
- libmpc3
- libmpx0
- libpython-dev
- libpython2.7
- libpython2.7-dev
- libquadmath0
- libssl-dev
- libtsan0
- libubsan0
- python-dev
- python-pip-whl
- python-pkg-resources
- python-virtualenv
- python2.7-dev
- python3-virtualenv
- virtualenv
- zlib1g-dev
tags: packages
# dependencies certbot checks for on its first run
# taken from running certbot right after a clean Debian 9 install
- name: Install certbot dependencies (Debian 9)
when: ansible_distribution == 'Debian' and ansible_distribution_major_version is version_compare('9', '==')
apt: name={{ item }} state=present update_cache=yes
loop:
- augeas-doc
- augeas-tools
- autoconf
- automake
- binutils
- bison
- cpp
- cpp-6
- flex
- gcc-6
- gcc-doc
- gcc-multilib
- gdb
- libasan3
- libatomic1
- libc-dev-bin
- libc6-dev
- libcc1-0
- libcilkrts5
- libexpat1-dev
- libffi-dev
- libgcc-6-dev
- libgomp1
- libisl15
- libitm1
- liblsan0
- libmpc3
- libmpx2
- libpython-dev
- libpython2.7
- libpython2.7-dev
- libquadmath0
- libssl-dev
- libtool
- libtsan0
- libubsan0
- linux-libc-dev
- make
- python-dev
- python-pip-whl
- python-pkg-resources
- python-virtualenv
- python2.7-dev
- python3-virtualenv
- virtualenv
tags: packages
# vim: set ts=2 sw=2: