2016-12-14 15:49:34 +01:00
|
|
|
---
|
|
|
|
- name: Set certbot release to Debian stable
|
2016-12-16 16:16:51 +01:00
|
|
|
set_fact:
|
|
|
|
evoacme_certbot_release: stable
|
2016-12-14 15:49:34 +01:00
|
|
|
when:
|
|
|
|
- ansible_distribution is defined
|
|
|
|
- ansible_distribution == "Debian"
|
|
|
|
- ansible_distribution_major_version is defined
|
|
|
|
- ansible_distribution_major_version|int > 8
|
|
|
|
|
|
|
|
- name: Set certbot relase to jessie-backports
|
2016-12-16 16:16:51 +01:00
|
|
|
set_fact:
|
|
|
|
evoacme_certbot_release: jessie-backports
|
|
|
|
when:
|
2016-12-14 15:49:34 +01:00
|
|
|
- ansible_distribution is defined
|
|
|
|
- ansible_distribution == "Debian"
|
|
|
|
- ansible_distribution_major_version is defined
|
|
|
|
- ansible_distribution_major_version == "8"
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: Add backports repository
|
|
|
|
lineinfile:
|
|
|
|
dest: /etc/apt/sources.list
|
|
|
|
line: 'deb http://mirror.evolix.org/debian jessie-backports main'
|
|
|
|
state: present
|
2016-12-16 16:16:51 +01:00
|
|
|
when: evoacme_certbot_release == "jessie-backports"
|
2016-12-14 15:49:34 +01:00
|
|
|
|
|
|
|
- name: Install certbot with apt
|
|
|
|
apt:
|
|
|
|
name: certbot
|
|
|
|
state: latest
|
2016-12-16 16:16:51 +01:00
|
|
|
default_release: "{{ evoacme_certbot_release }}"
|
2016-12-14 15:49:34 +01:00
|
|
|
update_cache: yes
|
|
|
|
|
|
|
|
- name: Mount /usr in rw
|
|
|
|
command: mount -o remount,rw /usr warn=no
|
|
|
|
changed_when: False
|
|
|
|
|
|
|
|
- name: Remove certbot symlink for apt install
|
|
|
|
file:
|
|
|
|
path: /usr/local/bin/certbot
|
|
|
|
state: absent
|
|
|
|
when: release is defined
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: Install certbot from source
|
|
|
|
git:
|
|
|
|
repo: https://github.com/certbot/certbot.git
|
|
|
|
dest: /opt/certbot
|
|
|
|
update: yes
|
|
|
|
|
|
|
|
- name: Fix certbot right for source install
|
|
|
|
file:
|
|
|
|
path: /opt/certbot
|
|
|
|
recurse: yes
|
|
|
|
state: directory
|
|
|
|
mode: "g+rX,o+rX"
|
|
|
|
|
|
|
|
- name: Install certbot symlink for source install
|
|
|
|
copy:
|
|
|
|
dest: /usr/local/bin/certbot
|
2016-12-16 16:17:58 +01:00
|
|
|
content: |
|
|
|
|
#!/bin/sh
|
|
|
|
sudo /opt/certbot/certbot-auto $@
|
2016-12-14 15:49:34 +01:00
|
|
|
mode: 0755
|
|
|
|
|
|
|
|
- name: Add sudo right for source install
|
|
|
|
copy:
|
|
|
|
src: files/sudoers
|
|
|
|
dest: /etc/sudoers.d/certbot
|
|
|
|
mode: 0440
|
|
|
|
validate: '/usr/sbin/visudo -cf %s'
|
2016-12-16 16:17:58 +01:00
|
|
|
when: release is undefined
|
2016-12-14 15:49:34 +01:00
|
|
|
|
|
|
|
- name: Remove certbot dpkg cron
|
|
|
|
file:
|
|
|
|
path: /etc/cron.d/certbot
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: Install certbot custom cron
|
|
|
|
copy:
|
|
|
|
src: certbot.cron
|
|
|
|
dest: /etc/cron.daily/certbot
|
|
|
|
mode: 0755
|