Mathieu Trossevin
7c632352a0
Replace the include
module with include_tasks
or import_tasks
...
The behaviour of the `include` module is badly defined (it try to choose
between statically importing the tasks and dynamically including them)
and can cause problems depending on any number of constraints (mostly if
it choose the wrong behaviour).
Replace it with the `import_tasks` (always statically import tasks) unless
the `include` is in a loop in which case we replace it with
`include_tasks` (always dynamically include tasks).
2023-01-03 14:43:42 +01:00
Jérémy Lecour
7a0e0d81d6
Proper jinja spacing
gitea/ansible-roles/pipeline/head This commit looks good
2022-12-28 09:03:37 +01:00
Jérémy Lecour
1728eaee68
Revert "Add “when: not ansible_check_mode” to allow more --check"
...
gitea/ansible-roles/pipeline/head This commit looks good
This reverts commit fafff25c20
.
This reverts commit e64471c5a8084f95a8e6f955d3fa918c55b8e846.
2022-12-14 07:41:18 +01:00
David Prevot
fafff25c20
Add “when: not ansible_check_mode” to allow more --check
gitea/ansible-roles/pipeline/head This commit looks good
2022-12-02 17:40:43 +01:00
Jérémy Lecour
7d63f20336
evoacme: exclude renewal-hooks directory from cron
2021-10-05 08:28:47 +02:00
Eric Morino
bd92ff95c8
use absolute path in evacme cron
continuous-integration/drone/push Build is passing
2021-08-20 11:33:30 +02:00
Jérémy Lecour
b8c5ac3097
remove whitespace for stream redirection
2021-06-28 15:56:19 +02:00
Jérémy Lecour
0fe0244116
Update Galaxy metadata (company, platforms and galaxy_tags)
2021-06-28 15:26:28 +02:00
Jérémy Lecour
2ed77c60f0
Improve Ansible syntax
...
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
2021-05-09 23:06:42 +02:00
Jérémy Lecour
5138065059
Use 'loop' syntax instead of 'with_items'
2021-05-04 14:19:18 +02:00
Jérémy Lecour
f940bc3866
cerbot: use the legacy script on Debian 8 and 9
continuous-integration/drone/push Build is passing
2021-02-04 16:34:24 +01:00
Jérémy Lecour
024d30ea43
evoacme: upstream release 21.01
continuous-integration/drone/push Build is passing
2021-01-07 19:16:06 +01:00
Eric Morino
feda9a63d8
Add directive auth_basic off for nginx configuration
continuous-integration/drone/push Build is passing
2020-12-24 10:03:43 +01:00
Jérémy Lecour
b6817cb62c
evoacme: upstream release 20.12
continuous-integration/drone/push Build is passing
2020-12-01 22:27:05 +01:00
Jérémy Lecour
592030ee9a
evoacme: variable to disable Debian version check (default: False)
2020-11-21 09:59:10 +01:00
Jérémy Lecour
b43d0f3629
evoacme: upstream release 20.11
2020-11-19 21:21:07 +01:00
Ludovic Poujol
c8d4da532f
evoacme: Don't ignore hooks with . in the name (ignore when it's ".disable")
continuous-integration/drone/push Build is passing
2020-10-20 10:58:51 +02:00
Jérémy Lecour
48174ad618
evoacme: remount /usr if necessary
continuous-integration/drone/push Build is passing
2020-09-14 11:31:47 +02:00
Jérémy Lecour
4007b14c09
whitespaces
continuous-integration/drone/push Build is passing
2020-09-14 11:17:54 +02:00
Jérémy Lecour
b818c348c2
evoacme: remove Debian 9 support
continuous-integration/drone/push Build is passing
2020-09-11 11:09:45 +02:00
Jérémy Lecour
44ddc8047d
evoacme: disable empty task for hooks
2020-08-21 14:21:28 +02:00
Jérémy Lecour
f49bf5c72d
evoacme: use Let's Encrypt deploy hooks instead of evoacme hooks
continuous-integration/drone/push Build is passing
2020-08-21 14:02:07 +02:00
Jérémy Lecour
a60deb276b
evoacme: upstream release 20.08
2020-08-21 14:01:06 +02:00
Jérémy Lecour
8ea1bac000
evoacme: update for new certbot role
...
* certbot is installed by the certbot role
* Apache/Nginx configuration is delegated to the certbot role
* No more "acme" user, everything is done with "root".
2020-08-21 13:36:24 +02:00
Jérémy Lecour
d9f9d03140
evoacme: read values from environment before defaults file
continuous-integration/drone/push Build is passing
2020-06-05 11:31:42 +02:00
Jérémy Lecour
7f0931510f
evoacme: upstream release 20.06.1
continuous-integration/drone/push Build is passing
2020-06-05 11:01:42 +02:00
Jérémy Lecour
1d5a30b144
evoacme: upstream release 20.06
continuous-integration/drone/push Build is passing
2020-06-03 12:09:58 +02:00
Jérémy Lecour
7a9624fcc2
evoacme: remove shellcheck warnings
continuous-integration/drone/push Build is passing
2020-04-16 09:44:25 +02:00
Jérémy Lecour
7283e34077
Replace version_compare() with version()
2020-02-25 10:45:35 +01:00
Jérémy Lecour
6801f4e00e
Add names to many blocks
2019-12-31 16:56:03 +01:00
Jérémy Lecour
79bb6103b8
Change "|version_compare" with "is version_compare"
2019-12-31 10:18:19 +01:00
Victor LABORIE
6f5e13f8b8
Add evolix prefix to include_role
2019-11-29 14:00:25 +01:00
Jérémy Lecour
ab8c6b13b8
evoacme: upstream version 19.11
continuous-integration/drone/push Build is passing
2019-11-05 14:08:02 +01:00
Jérémy Lecour
aa28e9c1b8
change repositories URL
2019-03-21 15:31:58 +01:00
Eric Morino
db71907155
Remove chown root: /etc/ssl/private in make-csr.sh
2019-03-19 16:13:17 +01:00
Jérémy Lecour
8279092037
evoacme: add a renewal hook to commit changes in /etc/.git
2019-03-07 00:19:43 +01:00
Victor LABORIE
6469733d2f
evoacme: fix error handling in sed_cert_path_for_(apache|nginx)
2018-11-22 15:06:23 +01:00
Benoît S.
88b66dca24
Evoacme: Better usage of apache2ctl -t
...
By default apache2ctl is using stderr, even for displaying "Syntax OK".
So, we redirect it in stdout and remove "Syntax OK". Then we check the exit code.
2018-10-03 15:16:28 +02:00
Benoît S.
758a537a8d
For SANs certificates, also add a CN for the first domain
2018-07-12 11:12:29 +02:00
Benoît S.
de63c0747f
Support for SAN in self-signed certificates
2018-07-10 17:46:41 +02:00
Benoît S.
17159676d9
Add exit 0 after the command -v commands.
...
Otherwise it would exit 1 on nginx if you have not nginx installed.
2018-07-10 17:09:20 +02:00
Jérémy Lecour
77b5f84567
evoacme: disable old certbot cron also in cron.daily
2018-06-21 17:22:40 +02:00
Victor LABORIE
9f34db8f9a
evoacme: fix module detection in apache config
2018-06-20 11:07:23 +02:00
Jérémy Lecour
ce11c39ce4
evoacme: add a symlink for vhosts with old path
2018-03-30 18:45:26 +02:00
Jérémy Lecour
7385e2894e
evoacme: fix version comparison for evoacme
2018-03-30 18:43:03 +02:00
Benoît S.
a4a3569630
Show the certificate path when exiting with an error
2018-03-06 10:34:55 +01:00
Benoît S.
cdaad871b3
Be sure to check the exit code of certbot
...
If we use set -e but no -o pipefail with a pipe, the last command exit code is
used by set -e.
certbot | grep -v something
If the grep exit with a non-zero exit code, set -e stop the execution of the
script. We don't care about that grep, so we now use the PIPESTATUS.
2018-03-05 14:46:49 +01:00
Gregory Colpart
fb6cb79b41
Keep read right on group for software with non-root access like OpenLDAP
2018-01-28 17:13:23 +01:00
Jérémy Lecour
19b2da5b92
evoacme: exclude typical certbot directories
2018-01-22 18:27:37 +01:00
Jérémy Lecour
8f88a48e15
evoacme cron task : improve readability
...
* use long form options
* break line before pipe
2018-01-03 10:12:14 +01:00