forked from evolix/ansible-roles
61 lines
1.4 KiB
YAML
61 lines
1.4 KiB
YAML
---
|
|
|
|
- name: certbot package is removed
|
|
apt:
|
|
name: certbot
|
|
state: absent
|
|
|
|
- include_role:
|
|
name: evolix/remount-usr
|
|
|
|
# copied and customized from https://raw.githubusercontent.com/certbot/certbot/v1.14.0/letsencrypt-auto
|
|
- name: Let's Encrypt script is present
|
|
copy:
|
|
src: letsencrypt-auto
|
|
dest: /usr/local/bin/letsencrypt-auto
|
|
mode: '0755'
|
|
owner: root
|
|
group: root
|
|
force: yes
|
|
notify: install letsencrypt-auto
|
|
|
|
- name: Check certbot script
|
|
stat:
|
|
path: /usr/local/bin/certbot
|
|
register: certbot_path
|
|
|
|
- name: Rename certbot script if present
|
|
command: "mv /usr/local/bin/certbot /usr/local/bin/certbot.bak"
|
|
when: certbot_path.stat.exists
|
|
|
|
- name: Let's Encrypt script is symlinked as certbot
|
|
file:
|
|
src: "/usr/local/bin/letsencrypt-auto"
|
|
dest: "/usr/local/bin/certbot"
|
|
state: link
|
|
|
|
- name: systemd artefacts are absent
|
|
file:
|
|
dest: "{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- /etc/systemd/system/certbot.service
|
|
- /etc/systemd/system/certbot.service.d
|
|
- /etc/systemd/system/certbot.timer
|
|
notify: systemd daemon-reload
|
|
|
|
- name: custom crontab is present
|
|
copy:
|
|
src: cron_jessie
|
|
dest: /etc/cron.d/certbot
|
|
force: yes
|
|
when: certbot_custom_crontab | bool
|
|
|
|
- name: disable self-upgrade
|
|
ini_file:
|
|
dest: "/etc/letsencrypt/cli.ini"
|
|
section: null
|
|
option: "no-self-upgrade"
|
|
value: "no"
|
|
state: present
|