CCCHH/ansible-infra
CCCHH/ansible-infra
4
2
Fork 1
Code Issues 6 Pull requests 4 Wiki Activity Actions

Fix: Add necessary becomes

Browse source
This commit is contained in:
June 2023-07-09 00:20:00 +02:00 committed by jtbx
commit b536e5c2fb
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
playbooks/roles/cert/tasks/deploy_cert.yaml
View file

@ -84,10 +84,12 @@
vars:
cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
become: true
delegate_to: "{{ cert__bind_9_host }}"
- name: Add DNS record to BIND 9 server via nsupdate # noqa: no-changed-when
ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record
become: true
delegate_to: "{{ cert__bind_9_host }}"
- name: Retrieve certificate
@ -110,6 +112,7 @@
ansible.builtin.file:
path: /root/nsupdate_add_txt_record
state: absent
become: true
delegate_to: "{{ cert__bind_9_host }}"
- name: Remove TXT record again
@ -124,16 +127,19 @@
vars:
cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
become: true
delegate_to: "{{ cert__bind_9_host }}"
- name: Remove DNS record from BIND 9 server via nsupdate # noqa: no-changed-when
ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record
become: true
delegate_to: "{{ cert__bind_9_host }}"
always:
- name: Remove file containing nsupdate commands for deleting TXT record again
ansible.builtin.file:
path: /root/nsupdate_delete_txt_record
state: absent
become: true
delegate_to: "{{ cert__bind_9_host }}"
- name: Ensure correct permissions for certificate are set