55 lines
1.3 KiB
YAML
55 lines
1.3 KiB
YAML
- name: get openssl version
|
|
command: "openssl version"
|
|
register: openssl_version
|
|
changed_when: false
|
|
check_mode: false
|
|
|
|
- fail:
|
|
msg: "OpenSSL too old!"
|
|
when: openssl_version.stdout.split()[1] is version('1.1.1', '<')
|
|
|
|
- name: compile acme-client
|
|
include_tasks: compile_acme.yml
|
|
when: acme_compile and not acme_justrun
|
|
|
|
- name: add config
|
|
template:
|
|
src: acme.j2
|
|
dest: /etc/acme-client.conf
|
|
notify: "renew certs"
|
|
|
|
- name: add renew script
|
|
template:
|
|
src: renew_certs.j2
|
|
dest: "{{acme_renew_script_path}}/renew_certs"
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
when: acme_renew_script
|
|
|
|
- name: add daily cronjob (renew_script)
|
|
cron:
|
|
name: renew certs
|
|
minute: "0"
|
|
hour: "4"
|
|
job: "{{acme_renew_script_path}}/renew_certs"
|
|
when: acme_renew_script and acme_add_cronjob
|
|
|
|
- name: add daily cronjobs
|
|
cron:
|
|
name: "renew certs for domain {{item.domain}}"
|
|
minute: "0"
|
|
hour: "4"
|
|
job: "/usr/local/bin/acme-client {{item.domain}}"
|
|
loop: "{{acme_hosts}}"
|
|
loop_control:
|
|
label: "{{item.domain}}"
|
|
when: not acme_renew_script and acme_add_cronjob
|
|
|
|
- name: run acme-client
|
|
shell: "/usr/local/bin/acme-client {{item.domain}}"
|
|
when: acme_justrun
|
|
loop: "{{acme_hosts}}"
|
|
loop_control:
|
|
label: "{{item.domain}}"
|