kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 02:10:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
01b964865039124f347e29e7db73cda499a444f1
computer-playbook/roles/srv-tls-core/tasks/flavors/dedicated.yml

30 lines
1.1 KiB
YAML
Raw Blame History

- name: "Check if certificate already exists for '{{ domain }}'"
cert_check_exists:
domain: "{{ domain }}"
cert_base_path: "{{ LETSENCRYPT_LIVE_PATH }}"
register: cert_check
- name: "receive certificate for '{{ domain }}'"
command: >-
certbot certonly
--agree-tos
--email {{ users.administrator.email }}
--non-interactive
{% if CERTBOT_ACME_CHALLENGE_METHOD != "webroot" %}
--dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}
--dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}-credentials {{ CERTBOT_CREDENTIALS_FILE }}
--dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}-propagation-seconds {{ CERTBOT_DNS_PROPAGATION_WAIT_SECONDS }}
{% else %}
--webroot
-w {{ LETSENCRYPT_WEBROOT_PATH }}
{% endif %}
{% if wildcard_domain is defined and ( wildcard_domain | bool ) %}
-d {{ PRIMARY_DOMAIN }}
-d *.{{ PRIMARY_DOMAIN }}
{% else %}
-d {{ domain }}
{% endif %}
{{ '--test-cert' if MODE_TEST | bool else '' }}
register: certbot_result
changed_when: "'Certificate not yet due for renewal' not in certbot_result.stdout"
when: not cert_check.exists
Reference in New Issue View Git Blame Copy Permalink