home-server/roles/acme_back/tasks/main.yml


---
# The home-server project produces a multi-purpose setup using Ansible.
# Copyright © 2018 Y. Gablin, under the GPL-3.0-or-later license.
# Full licensing information in the LICENSE file, or gnu.org/licenses/gpl-3.0.txt if the file is missing.
### UPSTREAM BEGIN ⇒ ###
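# Runs the upstream.yml task file of the etckeeper.inc role before the
# package install below, passing "ACME" as the role's `msg` variable.
# Arguments are written as a native mapping rather than a key=value string,
# so each one is parsed by YAML instead of by Ansible's free-form splitter.
- name: pull prerequisites from upstream
  include_role:
    name: etckeeper.inc
    allow_duplicates: true
    tasks_from: upstream.yml
  vars:
    msg: ACME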
### ⇐ UPSTREAM BEGIN ###
# Installs the dehydrated ACME client through the aur.inc role.
# `pkg_names` is handed over as a string holding a JSON list; the role is
# presumably responsible for decoding it — confirm in aur.inc.
# NOTE(review): a "-git" AUR package normally builds from the upstream
# development branch rather than a pinned release, so the installed code can
# differ between runs — confirm this is intended and review the PKGBUILD on
# updates.
- name: install dehydrated (Lets Encrypt)
  include_role:
    allow_duplicates: true
    name: aur.inc
  vars:
    aur_user: git
    pkg_names: '["dehydrated-git"]'
### UPSTREAM END ⇒ ###
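# Runs the merge.yml task file of the etckeeper.inc role after the package
# install above, passing "ACME" as the role's `msg` variable.
# Arguments are written as a native mapping rather than a key=value string.
- name: merge upstream
  include_role:
    name: etckeeper.inc
    allow_duplicates: true
    tasks_from: merge.yml
  vars:
    msg: ACME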
### ⇐ UPSTREAM END ###
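# Writes the value of `acme_domains` verbatim to /etc/dehydrated/domains.txt.
# No owner/group is set here, so ownership is left to the module's default.
- name: set Lets Encrypt domains
  copy:
    content: |
      {{acme_domains}}
    dest: /etc/dehydrated/domains.txt
    # Quoted: an unquoted 0644 is only octal under YAML 1.1 rules; a parser
    # that reads it as decimal 644 would apply the wrong permission bits.
    mode: "0644"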
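# Creates /var/lib/acme, the parent of the accounts and certs directories
# created below.
- name: create Lets Encrypt top directory
  file:
    path: /var/lib/acme
    state: directory
    # 0711: non-owners may traverse to a path they already know but cannot
    # list the directory. Quoted so the value stays octal on any YAML parser.
    mode: "0711"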
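# Creates /var/lib/acme/accounts with access restricted to its owner.
# NOTE(review): presumably where dehydrated keeps ACME account keys — confirm
# against templates/dehydrated.config.j2.
- name: create Lets Encrypt accounts directory
  file:
    path: /var/lib/acme/accounts
    state: directory
    # Quoted so the owner-only mode cannot be mis-read as a decimal integer.
    mode: "0700"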
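# Creates /var/lib/acme/certs, listable and traversable by every local user.
# NOTE(review): if dehydrated writes certificate private keys under this
# directory, their confidentiality rests on the per-file modes alone —
# confirm those files are not group/world readable, or tighten this mode.
- name: create Lets Encrypt certs directory
  file:
    path: /var/lib/acme/certs
    state: directory
    # Quoted so the value stays octal on any YAML parser.
    mode: "0755"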
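# Renders templates/dehydrated.config.j2 to /etc/dehydrated/config, readable
# and writable by the file's owner only.
- name: set dehydrated settings
  template:
    src: templates/dehydrated.config.j2
    dest: /etc/dehydrated/config
    # Quoted so the owner-only mode cannot be mis-read as a decimal integer.
    mode: "0600"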
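# Renders templates/hook.sh.j2 to a hook script named after `nickname`.
# The script is executable, and only its owner can read, modify or run it.
# NOTE(review): `nickname` is interpolated into the destination path —
# confirm it comes from trusted inventory and cannot contain "/" or "..".
- name: set dehydrated hooks
  template:
    src: templates/hook.sh.j2
    dest: "/etc/dehydrated/{{nickname}}-hook.sh"
    # Quoted so the owner-only mode cannot be mis-read as a decimal integer.
    mode: "0700"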
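# Installs the systemd timer unit shipped in files/dehydrated.timer and
# notifies the "restart dehydrated.service" handler when the file changes.
- name: create dehydrated timer
  copy:
    src: files/dehydrated.timer
    dest: /etc/systemd/system/dehydrated.timer
    # Quoted so the value stays octal on any YAML parser.
    mode: "0644"
  notify:
    - restart dehydrated.service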
# Reloads systemd so the timer unit copied above is picked up, then enables
# dehydrated.timer at boot.
# NOTE(review): no `state` is given, so this task enables the timer without
# starting it; nothing visible here starts it before the next boot. Confirm
# the handler covers that, otherwise renewals will not run until a reboot.
- name: enable dehydrated
  systemd:
    name: dehydrated.timer
    enabled: true
    daemon_reload: true
### LOCAL COMMIT ⇒ ###
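# Runs the local.yml task file of the etckeeper.inc role once the files
# above are in place, passing "ACME" as the role's `msg` variable.
# Arguments are written as a native mapping rather than a key=value string.
- name: commit local changes
  include_role:
    name: etckeeper.inc
    allow_duplicates: true
    tasks_from: local.yml
  vars:
    msg: ACME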
### ⇐ LOCAL COMMIT ###
# Run any handlers notified so far (here: "restart dehydrated.service") now,
# instead of waiting for the end of the play.
- meta: flush_handlers