42 lines
1.6 KiB
YAML
42 lines
1.6 KiB
YAML
---
|
|
|
|
- name: Copy systemd service to renew Let's Encrypt certs
|
|
template: src=renew-letsencrypt.service.j2 dest=/etc/systemd/system/renew-letsencrypt.service mode=0644 owner=root group=root
|
|
tags: letsencrypt
|
|
|
|
- name: Copy systemd timer to renew Let's Encrypt certs
|
|
copy: src=renew-letsencrypt.timer dest=/etc/systemd/system/renew-letsencrypt.timer mode=0644 owner=root group=root
|
|
tags: letsencrypt
|
|
|
|
# always issues daemon-reload just in case the server/timer changed
|
|
- name: Start and enable systemd timer to renew Let's Encrypt certs
|
|
systemd: name=renew-letsencrypt.timer state=started enabled=yes daemon_reload=yes
|
|
tags: letsencrypt
|
|
|
|
- name: Download certbot
|
|
get_url: dest={{ letsencrypt_certbot_dest }} url=https://dl.eff.org/certbot-auto mode=700
|
|
tags: letsencrypt
|
|
|
|
- name: Install certbot dependencies (Ubuntu 16.04)
|
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('16.04', '==')
|
|
apt: name={{ letsencrypt_deps_ubuntu_xenial }} state=present update_cache=yes
|
|
tags:
|
|
- packages
|
|
- letsencrypt
|
|
|
|
- name: Install certbot dependencies (Ubuntu 18.04)
|
|
when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version_compare('18.04', '==')
|
|
apt: name={{ letsencrypt_deps_ubuntu_bionic }} state=present update_cache=yes
|
|
tags:
|
|
- packages
|
|
- letsencrypt
|
|
|
|
- name: Install certbot dependencies (Debian 9)
|
|
when: ansible_distribution == 'Debian' and ansible_distribution_major_version is version_compare('9', '==')
|
|
apt: name={{ letsencrypt_deps_debian_stretch }} state=present update_cache=yes
|
|
tags:
|
|
- packages
|
|
- letsencrypt
|
|
|
|
# vim: set ts=2 sw=2:
|