kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2024-11-22 04:31:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Implemented test-run for certbot due to letsencrypt restrictions

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2024-01-08 11:20:44 +01:00
parent db38b72373
commit bf421835c3
4 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
group_vars/all
View File

@ -1,6 +1,7 @@
# General # General
reset_files: false # Cleans up all CyMaIS files. It's necessary to run to whole playbook and not particial roles when using this function. reset_files: false # Cleans up all CyMaIS files. It's necessary to run to whole playbook and not particial roles when using this function.
verbose: false # Prints well formated debug information verbose: false # Prints well formated debug information
test_run: false # Executes test routines instead of productive routines
database_delay: "0" # Database delay to wait for the central database before continue tasks database_delay: "0" # Database delay to wait for the central database before continue tasks
top_domain: "localhost" # Change this in inventory to your domain top_domain: "localhost" # Change this in inventory to your domain
ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server

14
roles/docker-attendize/tasks/main.yml
View File

@ -2,12 +2,14 @@
- name: "include docker-compose-common.yml" - name: "include docker-compose-common.yml"
include_tasks: docker-compose-common.yml include_tasks: docker-compose-common.yml
- name: receive {{ mail_interface_domain }} certificate - name: "include tasks to receive attendize certbot certificate"
command: certbot certonly --agree-tos --email {{ administrator_email }} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ mail_interface_domain }} include_tasks: recieve-certbot-certificate.yml
vars:
- name: receive {{ domain }} certificate domain: "{{ item }}"
command: certbot certonly --agree-tos --email {{ administrator_email }} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ domain }} loop:
- "{{ mail_interface_domain }}"
- "{{ domain }}"
- name: configure {{domain}}.conf - name: configure {{domain}}.conf
template: template:
src: roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 src: roles/nginx-docker-reverse-proxy/templates/domain.conf.j2

7
roles/nginx-domain-redirect/tasks/main.yml
View File

@ -1,7 +1,8 @@
--- ---
- name: recieve redirect source certificates - name: "include task receive certbot certificate"
command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{item.source}} include_tasks: recieve-certbot-certificate.yml
loop: "{{domain_mappings}}" vars:
domain: "{{ domain }}"
- name: configure nginx redirect configurations - name: configure nginx redirect configurations
vars: vars:

7
tasks/recieve-certbot-certificate.yml
View File

@ -1,2 +1,5 @@
- name: recieve certbot certificate for {{domain}} - name: recieve certbot certificate for {{ domain }}
command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} command: >-
certbot certonly --agree-tos --email {{ administrator_email }}
--non-interactive --webroot -w /var/lib/letsencrypt/ -d {{ domain }}
{{ '--test-cert' if test_run | bool else '' }}