Browse Source

cerbot: use the legacy script on Debian 8 and 9

pull/124/head
Jérémy Lecour 2 months ago
committed by Jérémy Lecour
parent
commit
f940bc3866
  1. 1
      certbot/defaults/main.yml
  2. 19
      certbot/tasks/install-legacy.yml
  3. 10
      certbot/tasks/main.yml
  4. 1
      certbot/templates/acme-challenge/apache.conf.j2
  5. 4
      evoacme/tasks/certbot.yml

1
certbot/defaults/main.yml

@ -1,3 +1,4 @@
---
certbot_work_dir: /var/lib/letsencrypt
certbot_custom_crontab: True

19
certbot/tasks/install-sources.yml → certbot/tasks/install-legacy.yml

@ -8,16 +8,6 @@
- include_role:
name: evolix/remount-usr
# - name: Certbot script is downloaded
# get_url:
# url: https://dl.eff.org/certbot-auto
# dest: /usr/local/bin/certbot
# mode: '0755'
# owner: root
# group: root
# force: no
# notify: install certbot-auto
- name: Let's Encrypt script is present
copy:
src: letsencrypt-auto
@ -58,3 +48,12 @@
src: cron_jessie
dest: /etc/cron.d/certbot
force: yes
when: certbot_custom_crontab
- name: disable self-upgrade
ini_file:
dest: "/etc/letsencrypt/cli.ini"
section: null
option: "no-self-upgrade"
value: 0
state: present

10
certbot/tasks/main.yml

@ -7,17 +7,17 @@
- ansible_distribution_major_version is version('8', '>=')
msg: only compatible with Debian 9+
- name: Install from sources on Debian 8
include: install-sources.yml
- name: Install legacy script on Debian 8 and 9
include: install-legacy.yml
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version is version('8', '=')
- ansible_distribution_major_version is version('10', '<')
- name: Install package on Debian 9+
- name: Install package on Debian 10+
include: install-package.yml
when:
- ansible_distribution == "Debian"
- ansible_distribution_major_version is version('9', '>=')
- ansible_distribution_major_version is version('10', '>=')
- include: acme-challenge.yml

1
certbot/templates/acme-challenge/apache.conf.j2

@ -7,6 +7,5 @@
Alias /.well-known/acme-challenge /var/lib/letsencrypt/.well-known/acme-challenge
<Directory "/var/lib/letsencrypt/.well-known/acme-challenge">
Options -Indexes
Allow from all
Require all granted
</Directory>

4
evoacme/tasks/certbot.yml

@ -1,4 +1,8 @@
---
- name: Do no install certbot crontab
set_fact:
certbot_custom_crontab: False
- include_role:
name: evolix/certbot

Loading…
Cancel
Save