✨: automate acme.sh certificate issue
Some checks failed
ansible-lint / lint-everything (push) Failing after 1m20s
Some checks failed
ansible-lint / lint-everything (push) Failing after 1m20s
This commit is contained in:
VC
27
roles/nginx/tasks/acme.yml
Normal file
27
roles/nginx/tasks/acme.yml
Normal file
@@ -0,0 +1,27 @@
|
||||
---
|
||||
|
||||
- name: Issue certificate
|
||||
ansible.builtin.command:
|
||||
cmd: "/etc/x509/acme.sh --issue --domain {{ host.host }} --webroot {{ nginx_letsencrypt_dir }} --reloadcmd \"{{ acme_reload_cmd | default('systemctl reload nginx.service') }}\""
|
||||
creates: "/etc/x509/{{ host.host }}*"
|
||||
environment:
|
||||
LE_WORKING_DIR: "/etc/x509"
|
||||
|
||||
- name: Check if ecc dir
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/x509/{{ host.host }}_ecc"
|
||||
register: _nginx_x509_ecc_dir
|
||||
|
||||
- name: Move dir if exists
|
||||
block:
|
||||
- name: Copy ecc dir
|
||||
ansible.builtin.copy:
|
||||
remote_src: true
|
||||
src: "/etc/x509/{{ host.host }}_ecc/"
|
||||
dest: "/etc/x509/{{ host.host }}"
|
||||
|
||||
- name: Remove ecc dir
|
||||
ansible.builtin.file:
|
||||
path: "/etc/x509/{{ host.host }}_ecc/"
|
||||
state: absent
|
||||
when: _nginx_x509_ecc_dir.stat.exists
|
||||
Reference in New Issue
Block a user