initial commit

2020-05-15 19:39:21 +02:00
commit e960091c93
7 changed files with 224 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -0,0 +1,53 @@
+- name: get openssl version
+  command: "openssl version"
+  register: openssl_version
+  changed_when: false
+
+- fail:
+    msg: "OpenSSL too old!"
+  when: openssl_version.stdout.split()[1] is version('1.1.1', '<')
+
+- name: compile acme-client
+  include_tasks: compile_acme.yml
+  when: acme_compile and not acme_justrun
+
+- name: add config
+  template:
+    src: acme.j2
+    dest: /etc/acme-client.conf
+  notify: "renew certs"
+
+- name: add renew script
+  template:
+    src: renew_certs.j2
+    dest: "{{acme_renew_script_path}}/renew_certs"
+    owner: root
+    group: root
+    mode: 0755
+  when: acme_renew_script
+
+- name: add daily cronjob (renew_script)
+  cron:
+    name: renew certs
+    minute: "0"
+    hour: "4"
+    job: "{{acme_renew_script_path}}/renew_certs"
+  when: acme_renew_script and acme_add_cronjob
+
+- name: add daily cronjobs
+  cron:
+    name: "renew certs for domain {{item.domain}}"
+    minute: "0"
+    hour: "4"
+    job: "/usr/local/bin/acme-client {{item.domain}}"
+  loop: "{{acme_hosts}}"
+  loop_control:
+    label: "{{item.domain}}"
+  when: not acme_renew_script and acme_add_cronjob
+
+- name: run acme-client
+  shell: "/usr/local/bin/acme-client {{item.domain}}"
+  when: acme_justrun
+  loop: "{{acme_hosts}}"
+  loop_control:
+    label: "{{item.domain}}"