Implemented certbot for cloudflare\hetzner, optimized documentation and solved bugs

2025-08-29 15:06:26 +02:00 · 2025-04-28 00:33:55 +02:00
parent 3e816130d3
commit 0fc9c3e495
31 changed files with 497 additions and 85 deletions
--- a/roles/certbot/tasks/main.yml
+++ b/roles/certbot/tasks/main.yml
@@ -0,0 +1,41 @@
+- name: install certbot
+  pacman:
+    name: certbot
+    state: present
+  when: run_once_certbot is not defined
+
+- name: install certbot DNS plugin
+  pacman:
+    name: "certbot-dns-{{ certbot_acme_challenge_method }}"
+    state: present
+  when:
+    - run_once_certbot is not defined
+    - certbot_acme_challenge_method != 'webroot'
+
+- name: Ensure /etc/certbot directory exists
+  file:
+    path:   "{{ certbot_credentials_dir }}"
+    state:  directory
+    owner:  root
+    group:  root
+    mode:   '0755'
+  when:
+    - run_once_certbot is not defined
+    - certbot_acme_challenge_method != 'webroot'
+
+- name: Install plugin credentials file
+  copy:
+    dest: "{{ certbot_credentials_file }}"
+    content: |
+      dns_{{ certbot_acme_challenge_method }}_api_token = {{ certbot_dns_api_token }}
+    owner: root
+    group: root
+    mode: '0600'
+  when:
+    - run_once_certbot is not defined
+    - certbot_acme_challenge_method != 'webroot'
+
+- name: run the certbot role once
+  set_fact:
+    run_once_certbot: true
+  when: run_once_certbot is not defined