41 lines
1.0 KiB
YAML
41 lines
1.0 KiB
YAML
|
|
||
|
---
|
||
|
- name: Install acme.sh
|
||
|
community.general.pacman:
|
||
|
name: acme.sh
|
||
|
state: present
|
||
|
|
||
|
- name: Isntall acme.sh cron
|
||
|
cmd:
|
||
|
chdir: /usr/bin/
|
||
|
cmd: ./acme.sh --install
|
||
|
|
||
|
- name: Generate certificates
|
||
|
command:
|
||
|
cmd: >
|
||
|
acme.sh --issue -d {{ acme_domains | join(" -d ") }}
|
||
|
-w /var/lib/letsencrypt/webroot
|
||
|
creates: /root/.acme.sh/{{ acme_domains[0] }}
|
||
|
|
||
|
- name: Install certificates
|
||
|
command:
|
||
|
cmd: >
|
||
|
acme.sh --install-cert -d "{{ acme_domains[0] }}"
|
||
|
--fullchain-file "{{ acme_dest }}/{{ acme_domains[0] }}.crt"
|
||
|
--key-file "{{ acme_dest }}/{{ acme_domains[0] }}.key"
|
||
|
--reloadcmd "{{ acme_reload_cmd }}"
|
||
|
creates:
|
||
|
- "{{ acme_dest }}/{{ acme_domains[0] }}.key"
|
||
|
- "{{ acme_dest }}/{{ acme_domains[0] }}.crt"
|
||
|
|
||
|
- name: Ensure cert permissions
|
||
|
file:
|
||
|
path: "{{ item }}"
|
||
|
state: file
|
||
|
owner: "{{ acme_owner }}"
|
||
|
group: "{{ acme_owner }}"
|
||
|
mode: 0600
|
||
|
loop:
|
||
|
- "{{ acme_dest }}/{{ acme_domains[0] }}.key"
|
||
|
- "{{ acme_dest }}/{{ acme_domains[0] }}.crt"
|