ansible-role-lego/tasks/main.yml

---
- name: Assert secrets have been configured.
  ansible.builtin.assert:
    that:
      - acme_domains is defined
      - acme_email is defined
      - acme_email != ''
    fail_msg: "FAILED: No ACME variables have been configured for this host."
# no_log: true

- name: Set up the ACME system user and group.
  import_tasks: setup-user.yml
  become: true

- name: Run lego looped task to order or renew certificates for all ACME domains.
  include_tasks:
    file: lego.yml
    apply:
      become: false
      tags: lego
  loop: "{{ acme_domains }}"
  loop_control:
    loop_var: acme_domain
  tags: lego

- name: Loop through the domain list (again) to copy certs and configure nginx for each ACME domain
  include_tasks:
    file: certificates.yml
    apply:
      become: true
  loop: "{{ acme_domains }}"
  loop_control:
    loop_var: acme_domain
  tags: nginx
  when: ansible_os_family != 'RedHat'

- name: (RedHat) Loop through the domain list (again) to copy certs and configure nginx for each ACME domain
  include_tasks:
    file: certificates-RedHat.yml
    apply:
      become: true
  loop: "{{ acme_domains }}"
  loop_control:
    loop_var: acme_domain
  tags: nginx
  when: ansible_os_family == 'RedHat'

- import_tasks: dhparams.yml
  become: true
  tags: dhparams
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00			`---`
Sourcing environment variables from the playbook was redundant. 2023-07-04 01:02:16 +00:00			`- name: Assert secrets have been configured.`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00			`ansible.builtin.assert:`
			`that:`
Sourcing environment variables from the playbook was redundant. 2023-07-04 01:02:16 +00:00			`- acme_domains is defined`
			`- acme_email is defined`
			`- acme_email != ''`
			`fail_msg: "FAILED: No ACME variables have been configured for this host."`
			`# no_log: true`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00
Fix corner case when ansible_user: root 2023-06-17 03:07:35 +00:00			`- name: Set up the ACME system user and group.`
			`import_tasks: setup-user.yml`
			`become: true`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00
Fix corner case when ansible_user: root 2023-06-17 03:07:35 +00:00			`- name: Run lego looped task to order or renew certificates for all ACME domains.`
			`include_tasks:`
			`file: lego.yml`
			`apply:`
			`become: false`
Testing successful on EasyDNS. 2023-07-29 04:13:32 +00:00			`tags: lego`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00			`loop: "{{ acme_domains }}"`
			`loop_control:`
			`loop_var: acme_domain`
			`tags: lego`

Fix corner case when ansible_user: root 2023-06-17 03:07:35 +00:00			`- name: Loop through the domain list (again) to copy certs and configure nginx for each ACME domain`
			`include_tasks:`
			`file: certificates.yml`
			`apply:`
			`become: true`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00			`loop: "{{ acme_domains }}"`
			`loop_control:`
			`loop_var: acme_domain`
			`tags: nginx`
Testing successful on EasyDNS. 2023-07-29 04:13:32 +00:00			`when: ansible_os_family != 'RedHat'`
Add support for RedHat 7.9 and document SELinux changes that are necessary. 2023-07-06 19:20:45 +00:00
Testing successful on EasyDNS. 2023-07-29 04:13:32 +00:00			`- name: (RedHat) Loop through the domain list (again) to copy certs and configure nginx for each ACME domain`
Add support for RedHat 7.9 and document SELinux changes that are necessary. 2023-07-06 19:20:45 +00:00			`include_tasks:`
			`file: certificates-RedHat.yml`
			`apply:`
			`become: true`
			`loop: "{{ acme_domains }}"`
			`loop_control:`
			`loop_var: acme_domain`
			`tags: nginx`
Testing successful on EasyDNS. 2023-07-29 04:13:32 +00:00			`when: ansible_os_family == 'RedHat'`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00
			`- import_tasks: dhparams.yml`
Fix corner case when ansible_user: root 2023-06-17 03:07:35 +00:00			`become: true`
Rewrote playbook as a role. 2023-05-23 15:45:42 +00:00			`tags: dhparams`