ansible-roles/evoacme/tasks/certbot.yml


---
# Debian with a major version above 8: use the `stable` suite as the apt
# default release. On any host matching neither this task nor the jessie one
# below, evoacme_certbot_release stays undefined, which is what the
# source-install block keys on.
- name: Set certbot release to Debian stable
  set_fact:
    evoacme_certbot_release: stable
  when: >-
    ansible_distribution is defined
    and ansible_distribution == "Debian"
    and ansible_distribution_major_version is defined
    and ansible_distribution_major_version|int > 8
# Debian 8 (jessie): the package is taken from jessie-backports. The major
# version fact is compared as a string here.
- name: Set certbot relase to jessie-backports
  set_fact:
    evoacme_certbot_release: jessie-backports
  when: >-
    ansible_distribution is defined
    and ansible_distribution == "Debian"
    and ansible_distribution_major_version is defined
    and ansible_distribution_major_version == "8"
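# Package install path. The whole block runs only when one of the set_fact
# tasks above selected an apt release.
- block:
    # Only for jessie: enable the backports suite. The mirror is reached over
    # plain HTTP, so package integrity rests entirely on apt's verification
    # of the signed repository metadata.
    - name: Add backports repository
      lineinfile:
        dest: /etc/apt/sources.list
        line: 'deb http://mirror.evolix.org/debian jessie-backports main'
        state: present
      register: add_backports
      when: evoacme_certbot_release == "jessie-backports"

    # Refresh the package index only if sources.list was actually modified.
    # `is changed` replaces the filter form `|change`, which was deprecated
    # and later removed from Ansible.
    - name: Apt update
      apt:
        update_cache: true
      when:
        - add_backports is defined
        - add_backports is changed

    # `state: latest` upgrades certbot on every run rather than pinning a
    # version.
    - name: Install certbot with apt
      apt:
        name: certbot
        state: latest
        default_release: "{{ evoacme_certbot_release }}"

    # Presumably /usr is mounted read-only on these hosts and has to be
    # writable before the symlink below can be deleted.
    # NOTE(review): nothing in this file remounts /usr read-only afterwards;
    # confirm that is handled elsewhere.
    # NOTE(review): newer ansible-core releases have dropped the `warn`
    # option of the command module; remove `warn=no` when upgrading.
    - name: Mount /usr in rw
      command: mount -o remount,rw /usr warn=no
      changed_when: false

    # Remove the wrapper left by a previous source install so that the
    # packaged certbot is the one found in PATH.
    - name: Remove certbot symlink for apt install
      file:
        path: /usr/local/bin/certbot
        state: absent
  when: evoacme_certbot_release is defined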
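# Source install path: used when no apt release was selected above, i.e. the
# host matched neither Debian condition.
- block:
    # NOTE(review): no `version:` is given, so the module checks out whatever
    # the upstream repository's HEAD is at run time, and that code is later
    # executed through sudo. Pinning a reviewed tag or commit would bound the
    # supply-chain exposure.
    - name: Install certbot from source
      git:
        repo: https://github.com/certbot/certbot.git
        dest: /opt/certbot
        update: true

    # Adds read (and traverse/execute where applicable) for group and others
    # on the whole checkout; it does not remove any existing write bits.
    # NOTE(review): the tree is run through sudo, so it should be writable by
    # root only; verify ownership and write permissions on /opt/certbot.
    - name: Fix certbot right for source install
      file:
        path: /opt/certbot
        recurse: true
        state: directory
        mode: "g+rX,o+rX"

    # Despite the task name this is a small wrapper script, not a symlink.
    # "$@" is quoted so that each argument reaches certbot-auto unchanged; an
    # unquoted $@ is re-split on whitespace and glob-expanded by the shell
    # before sudo sees it.
    - name: Install certbot symlink for source install
      copy:
        dest: /usr/local/bin/certbot
        content: |
          #!/bin/sh
          sudo /opt/certbot/certbot-auto "$@"
        mode: "755"

    # `validate` runs visudo on the staged file, so a sudoers file with a
    # syntax error is never installed.
    # NOTE(review): files/sudoers is not visible here; check that it grants
    # only /opt/certbot/certbot-auto and only to the accounts that need it.
    - name: Add sudo right for source install
      copy:
        src: files/sudoers
        dest: /etc/sudoers.d/certbot
        mode: "440"
        validate: '/usr/sbin/visudo -cf %s'
  when: evoacme_certbot_release is undefined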
# Delete the cron.d entry (the packaged one, going by the task name). This
# runs unconditionally, on both the apt and the source install path.
- name: Remove certbot dpkg cron
  file:
    state: absent
    path: /etc/cron.d/certbot
# Install the role's own cron script as a daily job. It is made executable
# because cron.daily only runs executable files.
- name: Install certbot custom cron
  copy:
    dest: /etc/cron.daily/certbot
    src: certbot.cron
    mode: "755"