2023-05-23 15:45:42 +00:00
|
|
|
---
|
2023-07-04 01:02:16 +00:00
|
|
|
- name: Assert secrets have been configured.
|
2023-05-23 15:45:42 +00:00
|
|
|
ansible.builtin.assert:
|
|
|
|
that:
|
2023-07-04 01:02:16 +00:00
|
|
|
- acme_domains is defined
|
|
|
|
- acme_email is defined
|
|
|
|
- acme_email != ''
|
|
|
|
fail_msg: "FAILED: No ACME variables have been configured for this host."
|
|
|
|
# no_log: true
|
2023-05-23 15:45:42 +00:00
|
|
|
|
2023-06-17 03:07:35 +00:00
|
|
|
- name: Set up the ACME system user and group.
|
|
|
|
import_tasks: setup-user.yml
|
|
|
|
become: true
|
2023-05-23 15:45:42 +00:00
|
|
|
|
2023-06-17 03:07:35 +00:00
|
|
|
- name: Run lego looped task to order or renew certificates for all ACME domains.
|
|
|
|
include_tasks:
|
|
|
|
file: lego.yml
|
|
|
|
apply:
|
|
|
|
become: false
|
2023-07-29 04:13:32 +00:00
|
|
|
tags: lego
|
2023-05-23 15:45:42 +00:00
|
|
|
loop: "{{ acme_domains }}"
|
|
|
|
loop_control:
|
|
|
|
loop_var: acme_domain
|
|
|
|
tags: lego
|
|
|
|
|
2023-06-17 03:07:35 +00:00
|
|
|
- name: Loop through the domain list (again) to copy certs and configure nginx for each ACME domain
|
|
|
|
include_tasks:
|
|
|
|
file: certificates.yml
|
|
|
|
apply:
|
|
|
|
become: true
|
2023-05-23 15:45:42 +00:00
|
|
|
loop: "{{ acme_domains }}"
|
|
|
|
loop_control:
|
|
|
|
loop_var: acme_domain
|
|
|
|
tags: nginx
|
2023-07-29 04:13:32 +00:00
|
|
|
when: ansible_os_family != 'RedHat'
|
2023-07-06 19:20:45 +00:00
|
|
|
|
2023-07-29 04:13:32 +00:00
|
|
|
- name: (RedHat) Loop through the domain list (again) to copy certs and configure nginx for each ACME domain
|
2023-07-06 19:20:45 +00:00
|
|
|
include_tasks:
|
|
|
|
file: certificates-RedHat.yml
|
|
|
|
apply:
|
|
|
|
become: true
|
|
|
|
loop: "{{ acme_domains }}"
|
|
|
|
loop_control:
|
|
|
|
loop_var: acme_domain
|
|
|
|
tags: nginx
|
2023-07-29 04:13:32 +00:00
|
|
|
when: ansible_os_family == 'RedHat'
|
2023-05-23 15:45:42 +00:00
|
|
|
|
|
|
|
- import_tasks: dhparams.yml
|
2023-06-17 03:07:35 +00:00
|
|
|
become: true
|
2023-05-23 15:45:42 +00:00
|
|
|
tags: dhparams
|