Skip to content
Snippets Groups Projects
Select Git revision
  • 8075bbbf6b029fb7431036c53cebc444f21f7acb
  • master default protected
  • th/caddy-wip
  • th/caddy
  • th/lego
  • th/acmebot
  • pyzabbix
  • th/keycloak
8 results

main.yml

Blame
  • Lars Beckers's avatar
    Lars Beckers authored
    Gathering certificates just works nonetheless.
    
    See also: https://github.com/plinss/acmebot/issues/47
    27929523
    History
    Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    main.yml 2.29 KiB
    ---
    
    - name: ensure requirements for acmebot are installed
      apt:
        name:
          - python3-appdirs
          - python3-pyparsing
          - python3-packaging
          - python3-openssl
          - python3-dns
          - python3-cryptography
          - python3-asn1crypto
          - python3-acme
          - python3-yaml
        state: present
    
    - name: get the acmebot repository
      git:
        repo: https://github.com/plinss/acmebot.git
        dest: /opt/acmebot
        version: "{{acmebot_version}}"
        force: true
      environment:
        TMPDIR: /root/.ansible/tmp
    
    - name: fix over-specified requirements locally
      lineinfile:
        regexp: '^pyOpenSSL>=17\.5\.0'  # ,<20.0.0'
        line: 'pyOpenSSL>=17.5.0'
        path: /opt/acmebot/requirements.txt
    
    - name: add acmebot to path
      file:
        src: /opt/acmebot/acmebot
        dest: /usr/local/sbin/acmebot
        state: link
    
    - name: install systemd units
      copy:
        src: "{{item}}"
        dest: /etc/systemd/system/
        owner: root
        group: root
        mode: '0644'
      with_items:
        - "acmebot.service"
        - "acmebot.timer"
      notify:
        - reload systemd service files
    
    - name: create the acmebot config directory
      file:
        path: /etc/acmebot
        state: directory
        owner: root
        group: root
        mode: '0755'
    
    - name: ensure the acmebot is configured
      template:
        src: acmebot.yaml.j2
        dest: /etc/acmebot/acmebot.yaml
        owner: root
        group: root
        mode: '0644'
      notify:
        - update certificates
    
    - name: ensure the LE root certificates are linked
      file: