certbot: Initial version of role
This commit is contained in:
parent
cb51dc186c
commit
5e1f521eb6
2 changed files with 61 additions and 0 deletions
3
roles/certbot/meta/main.yml
Normal file
3
roles/certbot/meta/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
dependencies:
|
||||
- { role: nginx/server }
|
||||
58
roles/certbot/tasks/main.yml
Normal file
58
roles/certbot/tasks/main.yml
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
---
|
||||
- name: check support
|
||||
fail:
|
||||
msg: Role not supported in your system
|
||||
when: ansible_os_family != "RedHat"
|
||||
|
||||
- name: install certbot packages
|
||||
package:
|
||||
name: certbot
|
||||
state: installed
|
||||
|
||||
- name: create certbot group
|
||||
group:
|
||||
name: certbot
|
||||
gid: 1002
|
||||
|
||||
- name: create certbot user
|
||||
user:
|
||||
name: certbot
|
||||
comment: Service Certbot
|
||||
createhome: false
|
||||
group: certbot
|
||||
home: /var/empty
|
||||
shell: /sbin/nologin
|
||||
uid: 1002
|
||||
|
||||
- name: add certbot nginx site
|
||||
include_role:
|
||||
name: nginx/site
|
||||
vars:
|
||||
site: certbot.home.foo.sh
|
||||
|
||||
- name: create certbot .well-known directory
|
||||
file:
|
||||
path: /srv/web/certbot.home.foo.sh/.well-known
|
||||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
mode: 0755
|
||||
state: directory
|
||||
|
||||
- name: create certbot directories
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
owner: root
|
||||
group: certbot
|
||||
mode: 0775
|
||||
state: directory
|
||||
with_items:
|
||||
- /srv/web/certbot.home.foo.sh/.well-known/acme-challenge
|
||||
- /export/letsencrypt
|
||||
|
||||
- name: link certbot datadirectory
|
||||
file:
|
||||
src: /export/letsencrypt
|
||||
dest: /srv/letsencrypt
|
||||
owner: root
|
||||
group: "{{ ansible_wheel }}"
|
||||
state: link
|
||||
Loading…
Add table
Reference in a new issue