29 lines
957 B
YAML
29 lines
957 B
YAML
---
|
|
|
|
- name: Issue certificate
|
|
ansible.builtin.command:
|
|
cmd: "/etc/x509/acme.sh --issue --domain {{ host.host }} {{ ['--domain'] | product(host.san | default([])) | map('join', ' ') | join(' ') }} --webroot {{ nginx_letsencrypt_dir }} --reloadcmd \"{{ acme_reload_cmd | default('systemctl reload nginx.service') }}\""
|
|
creates: "/etc/x509/{{ host.host }}*"
|
|
environment:
|
|
LE_WORKING_DIR: "/etc/x509"
|
|
|
|
- name: Check if ecc dir
|
|
ansible.builtin.stat:
|
|
path: "/etc/x509/{{ host.host }}_ecc"
|
|
register: _nginx_x509_ecc_dir
|
|
|
|
- name: Move dir if exists
|
|
when: _nginx_x509_ecc_dir.stat.exists
|
|
block:
|
|
- name: Copy ecc dir
|
|
ansible.builtin.copy:
|
|
remote_src: true
|
|
src: "/etc/x509/{{ host.host }}_ecc/"
|
|
dest: "/etc/x509/{{ host.host }}"
|
|
mode: "{{ _nginx_x509_ecc_dir.stat.mode }}"
|
|
|
|
- name: Remove ecc dir
|
|
ansible.builtin.file:
|
|
path: "/etc/x509/{{ host.host }}_ecc/"
|
|
state: absent
|