mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-18 17:55:09 +02:00
Kevin Veen-Birkenbach
2620ee088e
- replaced CERTBOT_DNS_API_TOKEN with CLOUDFLARE_API_TOKEN everywhere - introduced generic sys-dns-cloudflare-records role for managing DNS records - added sys-dns-hetzner-rdns role with both Cloud (hcloud) and Robot API flavors - updated Mailu role to: - generate DKIM before DNS setup - delegate DNS + rDNS records to the new generic roles - removed legacy per-role Cloudflare vars (MAILU_CLOUDFLARE_API_TOKEN) - extended group vars with HOSTING_PROVIDER for rDNS flavor decision - added hetzner.hcloud collection to requirements This consolidates DNS management into reusable roles, supports both Cloudflare and Hetzner providers, and standardizes variable naming across the project.
21 lines
555 B
YAML
21 lines
555 B
YAML
- name: install certbot DNS plugin
|
|
community.general.pacman:
|
|
name: "certbot-dns-{{ CERTBOT_ACME_CHALLENGE_METHOD }}"
|
|
state: present
|
|
|
|
- name: Ensure /etc/certbot directory exists
|
|
file:
|
|
path: "{{ CERTBOT_CREDENTIALS_DIR }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '0755'
|
|
|
|
- name: Install plugin credentials file
|
|
copy:
|
|
dest: "{{ CERTBOT_CREDENTIALS_FILE }}"
|
|
content: |
|
|
dns_{{ CERTBOT_ACME_CHALLENGE_METHOD }}_api_token = {{ CLOUDFLARE_API_TOKEN }}
|
|
owner: root
|
|
group: root
|
|
mode: '0600' |