Solved bugs and refactored

2025-08-29 15:06:26 +02:00 · 2025-02-15 17:43:36 +01:00
parent c7da4ddd8f
commit 62f9bab052
14 changed files with 74 additions and 26 deletions
--- a/tasks/certbot-and-globals.yml
+++ b/tasks/certbot-and-globals.yml
@@ -1,6 +0,0 @@
- name: "include task receive certbot certificate"
-  include_tasks: recieve-certbot-certificate.yml
-
- name: Load global Nginx Configuration
-  include_role:
-    name: nginx-global
--- a/tasks/create-proxy-with-domain-replace.yml
+++ b/tasks/create-proxy-with-domain-replace.yml
@@ -1,5 +1,6 @@
- name: "include task certbot-and-globals.yml"
-  include_tasks: certbot-and-globals.yml
+- name: "include role receive certbot certificate"
+  include_role: 
+    name: nginx-https-recieve-certificate

 - name: "include task create-domain-conf.yml"
  include_tasks: create-domain-conf.yml
--- a/tasks/nginx-docker-proxy-domain.yml
+++ b/tasks/nginx-docker-proxy-domain.yml
@@ -1,5 +1,6 @@
- name: "include task certbot-and-globals.yml"
-  include_tasks: certbot-and-globals.yml
+- name: "include role receive certbot certificate"
+  include_role: 
+    name: nginx-https-recieve-certificate

 - name: "include task create-domain-conf.yml"
  include_tasks: create-domain-conf.yml
--- a/tasks/recieve-certbot-certificate.yml
+++ b/tasks/recieve-certbot-certificate.yml
@@ -1,43 +0,0 @@
- name: "recieve dedicated certificate for {{ domain }}"
-  command: >-
-    certbot certonly --agree-tos --email {{ administrator_email }}
-    --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ domain }}
-    {{ '--test-cert' if mode_test | bool else '' }}
-  when: 
-    - not enable_wildcard_certificate | bool or not (domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain))
-      # Wildcard certificate should not be used
-      # OR: The domain is not a first-level subdomain of the primary domain
-
- name: "recieve wildcard certificate for *{{ primary_domain }}"
-  command: >-
-    certbot certonly --agree-tos --email {{ administrator_email }}                                          
-    --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ primary_domain }} -d *.{{ primary_domain }}
-    {{ '--test-cert' if mode_test | bool else '' }}
-  when: 
-    - enable_wildcard_certificate | bool  
-      # Wildcard certificate is enabled
-    - domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain)
-      # AND: The domain is a direct first-level subdomain of the primary domain
-    - run_once_recieve_certificate is not defined  
-      # Ensure this task runs only once for the wildcard certificate
-    - domain == primary_domain  
-      # The domain is the primary domain
-
- name: "Cleanup dedicated cert for {{ domain }}"
-  command: >-
-    certbot delete --cert-name {{ domain }} --non-interactive
-  when: 
-    - mode_cleanup | bool  
-      # Cleanup mode is enabled
-    - enable_wildcard_certificate | bool  
-      # Wildcard certificate is enabled
-    - domain.split('.') | length == (primary_domain.split('.') | length + 1) and domain.endswith(primary_domain)
-      # AND: The domain is a direct first-level subdomain of the primary domain
-    - domain != primary_domain  
-      # The domain is not the primary domain
-  ignore_errors: true
-
- name: run the recieve_certificate tasks once
-  set_fact:
-    run_once_recieve_certificate: true
-  when: run_once_recieve_certificate is not defined