Alan Orth
57120308dc
Ansible 2.4 and 2.5 are moving away from specialized loop functions and the old syntax will eventually be deprecated and removed. I did not change the with_fileglob loops because I'm not sure about their syntax yet. See: https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html
114 lines
2.7 KiB
YAML
114 lines
2.7 KiB
YAML
---
|
|
|
|
- name: Copy systemd service to renew Let's Encrypt certs
|
|
template: src=renew-letsencrypt.service.j2 dest=/etc/systemd/system/renew-letsencrypt.service mode=0644 owner=root group=root
|
|
|
|
- name: Copy systemd timer to renew Let's Encrypt certs
|
|
copy: src=renew-letsencrypt.timer dest=/etc/systemd/system/renew-letsencrypt.timer mode=0644 owner=root group=root
|
|
|
|
# always issues daemon-reload just in case the server/timer changed
|
|
- name: Start and enable systemd timer to renew Let's Encrypt certs
|
|
systemd: name=renew-letsencrypt.timer state=started enabled=yes daemon_reload=yes
|
|
|
|
- name: Download certbot
|
|
get_url: dest={{ letsencrypt_certbot_dest }} url=https://dl.eff.org/certbot-auto mode=700
|
|
|
|
# dependencies certbot checks for on its first run
|
|
# taken from running certbot right after a clean Ubuntu 16.04 install
|
|
- name: Install certbot dependencies (Ubuntu 16.04)
|
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('16.04', '==')
|
|
apt: name={{ item }} state=present update_cache=yes
|
|
loop:
|
|
- augeas-doc
|
|
- augeas-tools
|
|
- binutils
|
|
- cpp
|
|
- cpp-5
|
|
- dialog
|
|
- gcc
|
|
- gcc-5
|
|
- libasan2
|
|
- libatomic1
|
|
- libcc1-0
|
|
- libcilkrts5
|
|
- libexpat1-dev
|
|
- libffi-dev
|
|
- libgcc-5-dev
|
|
- libgomp1
|
|
- libisl15
|
|
- libitm1
|
|
- liblsan0
|
|
- libmpc3
|
|
- libmpx0
|
|
- libpython-dev
|
|
- libpython2.7
|
|
- libpython2.7-dev
|
|
- libquadmath0
|
|
- libssl-dev
|
|
- libtsan0
|
|
- libubsan0
|
|
- python-dev
|
|
- python-pip-whl
|
|
- python-pkg-resources
|
|
- python-virtualenv
|
|
- python2.7-dev
|
|
- python3-virtualenv
|
|
- virtualenv
|
|
- zlib1g-dev
|
|
tags: packages
|
|
|
|
# dependencies certbot checks for on its first run
|
|
# taken from running certbot right after a clean Debian 9 install
|
|
- name: Install certbot dependencies (Debian 9)
|
|
when: ansible_distribution == 'Debian' and ansible_distribution_major_version is version_compare('9', '==')
|
|
apt: name={{ item }} state=present update_cache=yes
|
|
loop:
|
|
- augeas-doc
|
|
- augeas-tools
|
|
- autoconf
|
|
- automake
|
|
- binutils
|
|
- bison
|
|
- cpp
|
|
- cpp-6
|
|
- flex
|
|
- gcc-6
|
|
- gcc-doc
|
|
- gcc-multilib
|
|
- gdb
|
|
- libasan3
|
|
- libatomic1
|
|
- libc-dev-bin
|
|
- libc6-dev
|
|
- libcc1-0
|
|
- libcilkrts5
|
|
- libexpat1-dev
|
|
- libffi-dev
|
|
- libgcc-6-dev
|
|
- libgomp1
|
|
- libisl15
|
|
- libitm1
|
|
- liblsan0
|
|
- libmpc3
|
|
- libmpx2
|
|
- libpython-dev
|
|
- libpython2.7
|
|
- libpython2.7-dev
|
|
- libquadmath0
|
|
- libssl-dev
|
|
- libtool
|
|
- libtsan0
|
|
- libubsan0
|
|
- linux-libc-dev
|
|
- make
|
|
- python-dev
|
|
- python-pip-whl
|
|
- python-pkg-resources
|
|
- python-virtualenv
|
|
- python2.7-dev
|
|
- python3-virtualenv
|
|
- virtualenv
|
|
tags: packages
|
|
|
|
# vim: set ts=2 sw=2:
|