forked from evolix/ansible-roles
86 lines
1.8 KiB
YAML
86 lines
1.8 KiB
YAML
---
|
|
- name: Create acme group
|
|
group:
|
|
name: acme
|
|
state: present
|
|
|
|
- name: Create acme user
|
|
user:
|
|
name: acme
|
|
group: acme
|
|
state: present
|
|
createhome: no
|
|
home: "{{ evoacme_acme_dir }}"
|
|
shell: /bin/false
|
|
system: yes
|
|
|
|
- name: Fix crt dir's right
|
|
file:
|
|
path: "{{ evoacme_crt_dir }}"
|
|
mode: "0755"
|
|
owner: acme
|
|
group: acme
|
|
state: directory
|
|
|
|
- name: "Fix hooks directory permissions"
|
|
file:
|
|
path: "{{ evoacme_hooks_dir }}"
|
|
mode: "0700"
|
|
owner: acme
|
|
group: acme
|
|
state: directory
|
|
|
|
- name: "Search for reload_apache hook"
|
|
command: "find {{ evoacme_hooks_dir }} -type f \( -name 'reload_apache' -o -name 'reload_apache.*' \)"
|
|
check_mode: no
|
|
register: find_apache_hook
|
|
|
|
- name: "Copy reload_apache hook if missing"
|
|
copy:
|
|
src: "hooks/reload_apache"
|
|
dest: "{{ evoacme_hooks_dir }}/hooks/reload_apache"
|
|
mode: "0750"
|
|
when: find_apache_hook.stdout == ""
|
|
|
|
- name: "Search for reload_nginx hook"
|
|
command: "find {{ evoacme_hooks_dir }} -type f \( -name 'reload_nginx' -o -name 'reload_nginx.*' \)"
|
|
check_mode: no
|
|
register: find_nginx_hook
|
|
|
|
- name: "Copy reload_nginx hook if missing"
|
|
copy:
|
|
src: "hooks/reload_nginx"
|
|
dest: "{{ evoacme_hooks_dir }}/hooks/reload_nginx"
|
|
mode: "0750"
|
|
when: find_nginx_hook.stdout == ""
|
|
|
|
- name: Fix log dir's right
|
|
file:
|
|
path: "{{ evoacme_log_dir }}"
|
|
mode: "0755"
|
|
owner: acme
|
|
group: acme
|
|
state: directory
|
|
|
|
- name: Fix challenge dir's right
|
|
file:
|
|
path: "{{ evoacme_acme_dir }}"
|
|
mode: "0755"
|
|
owner: acme
|
|
group: acme
|
|
state: directory
|
|
|
|
- name: Is /etc/aliases present?
|
|
stat:
|
|
path: /etc/aliases
|
|
register: etc_aliases
|
|
|
|
- name: Set acme aliases
|
|
lineinfile:
|
|
state: present
|
|
dest: /etc/aliases
|
|
line: 'acme: root'
|
|
regexp: 'acme:'
|
|
when: etc_aliases.stat.exists
|
|
notify: "newaliases"
|