test: not to be merged

2025-04-05 14:13:33 +02:00
parent dd89ef99f6
commit 51d3e68b57
4 changed files with 52 additions and 15 deletions
--- a/roles/nginx/tasks/letsencrypt.yml
+++ b/roles/nginx/tasks/letsencrypt.yml
@@ -0,0 +1,25 @@
+---
+
+- name: Generate certificate
+  ansible.builtin.command:
+    cmd: "/etc/x509/acme.sh --issue --domain {{ item.host }} --webroot {{ nginx_letsencrypt_dir }}"
+    creates: "/etc/x509/{{ item.host }}*"
+  environment:
+    LE_WORKING_DIR: /etc/x509
+
+- name: Get ecc certificate dir
+  ansible.builtin.stat:
+    path: "/etc/x509/{{ item.host }}_ecc/"
+  register: _nginx_x509_ecc_current_dir
+
+- name: Move ecc certificate
+  ansible.builtin.copy:
+    remote_src: true
+    src: "/etc/x509/{{ item.host }}_ecc/"
+    dest: "/etc/x509/{{ item.host }}/"
+  when: _nginx_x509_ecc_current_dir.stat.exists
+
+- name: Remove ecc certificate
+  ansible.builtin.file:
+    path: "/etc/x509/{{ item.host }}_ecc"
+    state: absent
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -41,5 +41,12 @@
    mode: 'u+rwx,g+rs,o-rwx'
    state: directory

+- name: Flush handlers
+  ansible.builtin.meta: flush_handlers
+
+- name: Handle letsencrypt cert
+  ansible.builtin.include_tasks: letsencrypt.yml
+  loop: "{{ web_hostname }}"
+
 - name: Include vhosts
  ansible.builtin.include_tasks: vhosts.yml