Fix: Add necessary becomes

2023-07-09 00:20:00 +02:00 · 2023-07-09 00:20:00 +02:00 · b536e5c2fb
parent b2e9c22821
commit b536e5c2fb
1 changed files with 6 additions and 0 deletions
--- a/playbooks/roles/cert/tasks/deploy_cert.yaml
+++ b/playbooks/roles/cert/tasks/deploy_cert.yaml
@ -84,10 +84,12 @@
      vars:
        cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
        cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
+      become: true
      delegate_to: "{{ cert__bind_9_host }}"

    - name: Add DNS record to BIND 9 server via nsupdate  # noqa: no-changed-when
      ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record
+      become: true
      delegate_to: "{{ cert__bind_9_host }}"

    - name: Retrieve certificate
@ -110,6 +112,7 @@
      ansible.builtin.file:
        path: /root/nsupdate_add_txt_record
        state: absent
+      become: true
      delegate_to: "{{ cert__bind_9_host }}"

    - name: Remove TXT record again
@ -124,16 +127,19 @@
          vars:
            cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
            cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
+          become: true
          delegate_to: "{{ cert__bind_9_host }}"

        - name: Remove DNS record from BIND 9 server via nsupdate  # noqa: no-changed-when
          ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record
+          become: true
          delegate_to: "{{ cert__bind_9_host }}"
      always:
        - name: Remove file containing nsupdate commands for deleting TXT record again
          ansible.builtin.file:
            path: /root/nsupdate_delete_txt_record
            state: absent
+          become: true
          delegate_to: "{{ cert__bind_9_host }}"

 - name: Ensure correct permissions for certificate are set