Release 10.0.0 #100
11
certbot/files/cron_jessie
Normal file
11
certbot/files/cron_jessie
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
# /etc/cron.d/certbot: crontab entries for the certbot package
|
||||||
|
#
|
||||||
|
# Upstream recommends attempting renewal twice a day
|
||||||
|
#
|
||||||
|
# Eventually, this will be an opportunity to validate certificates
|
||||||
|
# haven't been revoked, etc. Renewal will only occur if expiration
|
||||||
|
# is within 30 days.
|
||||||
|
SHELL=/bin/sh
|
||||||
|
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||||
|
|
||||||
|
0 */12 * * * root test -x /usr/local/bin/certbot && perl -e 'sleep int(rand(3600))' && /usr/local/bin/certbot --no-self-update -q renew
|
|
@ -14,3 +14,7 @@
|
||||||
service:
|
service:
|
||||||
name: haproxy
|
name: haproxy
|
||||||
state: reloaded
|
state: reloaded
|
||||||
|
|
||||||
|
- name: systemd daemon-reload
|
||||||
|
systemd:
|
||||||
|
daemon_reload: yes
|
||||||
|
|
6
certbot/tasks/install-package.yml
Normal file
6
certbot/tasks/install-package.yml
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: certbot package is installed
|
||||||
|
apt:
|
||||||
|
name: certbot
|
||||||
|
state: latest
|
34
certbot/tasks/install-sources.yml
Normal file
34
certbot/tasks/install-sources.yml
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: certbot package is removed
|
||||||
|
apt:
|
||||||
|
name: certbot
|
||||||
|
state: absent
|
||||||
|
|
||||||
|
- include_role:
|
||||||
|
name: evolix/remount-usr
|
||||||
|
|
||||||
|
- name: Certbot script is downloaded
|
||||||
|
get_url:
|
||||||
|
url: https://dl.eff.org/certbot-auto
|
||||||
|
dest: /usr/local/bin/certbot
|
||||||
|
mode: '0755'
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
force: no
|
||||||
|
|
||||||
|
- name: systemd artefacts are absent
|
||||||
|
file:
|
||||||
|
dest: "{{ item }}"
|
||||||
|
state: absent
|
||||||
|
loop:
|
||||||
|
- /etc/systemd/system/certbot.service
|
||||||
|
- /etc/systemd/system/certbot.service.d
|
||||||
|
- /etc/systemd/system/certbot.timer
|
||||||
|
notify: systemd daemon-reload
|
||||||
|
|
||||||
|
- name: custom crontab is present
|
||||||
|
copy:
|
||||||
|
src: cron_jessie
|
||||||
|
dest: /etc/cron.d/certbot
|
||||||
|
force: yes
|
|
@ -4,13 +4,20 @@
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
- ansible_distribution == "Debian"
|
- ansible_distribution == "Debian"
|
||||||
- ansible_distribution_major_version is version('9', '>=')
|
- ansible_distribution_major_version is version('8', '>=')
|
||||||
msg: only compatible with Debian 9+
|
msg: only compatible with Debian 9+
|
||||||
|
|
||||||
- name: certbot package is installed
|
- name: Install from sources on Debian 8
|
||||||
apt:
|
include: install-sources.yml
|
||||||
name: certbot
|
when:
|
||||||
state: latest
|
- ansible_distribution == "Debian"
|
||||||
|
- ansible_distribution_major_version is version('8', '=')
|
||||||
|
|
||||||
|
- name: Install package on Debian 9+
|
||||||
|
include: install-package.yml
|
||||||
|
when:
|
||||||
|
- ansible_distribution == "Debian"
|
||||||
|
- ansible_distribution_major_version is version('9', '>=')
|
||||||
|
|
||||||
- include: acme-challenge.yml
|
- include: acme-challenge.yml
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue