diff --git a/acmebot/defaults/main.yml b/acmebot/defaults/main.yml index b9a406cd5a0111d2e89c0e28595317dc9fc9f66d..c5278e66eb4295a0351c90a75704e0f6d105701f 100644 --- a/acmebot/defaults/main.yml +++ b/acmebot/defaults/main.yml @@ -1,7 +1,7 @@ --- acmebot_account_mail: "{{ adminaddr }}" -acmebot_version: "v2.10.0" +acmebot_version: "2.11.0" acmebot_settings: {} acmebot_default_settings: diff --git a/acmebot/files/acmebot.logrotate b/acmebot/files/acmebot.logrotate new file mode 100644 index 0000000000000000000000000000000000000000..e7f8a62169c173906f316920405cbbb516dc3560 --- /dev/null +++ b/acmebot/files/acmebot.logrotate @@ -0,0 +1,8 @@ +/var/log/acmebot/*.log { + weekly + missingok + rotate 12 + compress + delaycompress + notifempty +} diff --git a/acmebot/files/acmebot.service b/acmebot/files/acmebot.service index 8ba466a125cd0a880db8176db4235146dc5da4a4..c75c1a60f739d697c8998ab64500a0237297f352 100644 --- a/acmebot/files/acmebot.service +++ b/acmebot/files/acmebot.service @@ -6,7 +6,7 @@ After=apache2.service nginx.service bind9.service nginx-proxy.service [Service] Type=oneshot -ExecStart=/usr/local/sbin/acmebot --accept +ExecStart=/usr/local/bin/acmebot --accept TimeoutStartSec=5min CapabilityBoundingSet=CAP_CHOWN NoNewPrivileges=yes diff --git a/acmebot/tasks/main.yml b/acmebot/tasks/main.yml index 8297915948c72aff42eff0dd780dc8af03d95bf7..39b6878238363a7bc889585710a8b0c033f7df96 100644 --- a/acmebot/tasks/main.yml +++ b/acmebot/tasks/main.yml @@ -3,6 +3,7 @@ - name: ensure requirements for acmebot are installed apt: name: + - python3-pip - python3-appdirs - python3-pyparsing - python3-packaging @@ -14,20 +15,17 @@ - python3-yaml state: present -- name: get the acmebot repository - git: - repo: https://github.com/plinss/acmebot.git - dest: /opt/acmebot - version: "{{acmebot_version}}" - force: true - environment: - TMPDIR: /root/.ansible/tmp - -- name: add acmebot to path +- name: Remove old acmebot link file: - src: /opt/acmebot/src/acmebot/acmebot.py - dest: /usr/local/sbin/acmebot - state: link + path: /usr/local/sbin/acmebot + state: absent + +- name: Install acmebot + pip: + name: >- + acmebot{{ "==" + acmebot_version|regex_replace('^v', '') if + acmebot_version is defined else "" }} + extra_args: --no-deps - name: install systemd units copy: @@ -84,7 +82,11 @@ state: absent - name: rotate acmebot logs - file: - src: /opt/acmebot/logrotate.d/acmebot + copy: + src: acmebot.logrotate dest: /etc/logrotate.d/acmebot - state: link + +- name: Cleanup old installation + file: + path: /opt/acmebot + state: absent