certbot(role): support DNS-01 certs using acme-dns
All checks were successful
/ Ansible Lint (push) Successful in 3m36s
All checks were successful
/ Ansible Lint (push) Successful in 3m36s
Introduce new configuration structure called certbot__certs, which allows for different challenge types per cert with the first challenge type supported being dns-01-acme-dns.
This commit is contained in:
parent
21f51ea2d7
commit
8bf6dfbefb
SSH key fingerprint:
SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
9 changed files with 188 additions and 18 deletions
31
roles/certbot/tasks/main/validate_cert.yaml
Normal file
31
roles/certbot/tasks/main/validate_cert.yaml
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
- name: validate dns-01-acme-dns challenge type config
|
||||
when: item.challengeType == "dns-01-acme-dns"
|
||||
block:
|
||||
- name: assert dns_01_acme_dns config exists
|
||||
ansible.builtin.assert:
|
||||
that: item.dns_01_acme_dns is defined
|
||||
|
||||
- name: assert dns_01_acme_dns config is valid
|
||||
ansible.builtin.validate_argument_spec:
|
||||
argument_spec: "{{ required_data }}"
|
||||
provided_arguments:
|
||||
dns_01_acme_dns: "{{ item.dns_01_acme_dns }}"
|
||||
vars:
|
||||
required_data:
|
||||
dns_01_acme_dns:
|
||||
type: dict
|
||||
required: true
|
||||
options:
|
||||
serverUrl:
|
||||
type: str
|
||||
required: false
|
||||
default: https://acmedns.hamburg.ccc.de
|
||||
subdomain:
|
||||
type: str
|
||||
required: true
|
||||
apiUser:
|
||||
type: str
|
||||
required: true
|
||||
apiKey:
|
||||
type: str
|
||||
required: true
|
||||
Loading…
Add table
Add a link
Reference in a new issue