CCCHH/ansible-infra
CCCHH/ansible-infra
3
0
Fork 0
Code Issues 5 Pull requests Wiki Activity

Fix: Add necessary becomes

Browse source
This commit is contained in:
June 2023-07-09 00:20:00 +02:00 committed by jtbx
parent b2e9c22821
commit b536e5c2fb
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
playbooks/roles/cert/tasks/deploy_cert.yaml
View file

@ -84,10 +84,12 @@
vars: vars:
cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
- name: Add DNS record to BIND 9 server via nsupdate # noqa: no-changed-when - name: Add DNS record to BIND 9 server via nsupdate # noqa: no-changed-when
ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
- name: Retrieve certificate - name: Retrieve certificate
@ -110,6 +112,7 @@
ansible.builtin.file: ansible.builtin.file:
path: /root/nsupdate_add_txt_record path: /root/nsupdate_add_txt_record
state: absent state: absent
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
- name: Remove TXT record again - name: Remove TXT record again
@ -124,16 +127,19 @@
vars: vars:
cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}"
cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}"
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
- name: Remove DNS record from BIND 9 server via nsupdate # noqa: no-changed-when - name: Remove DNS record from BIND 9 server via nsupdate # noqa: no-changed-when
ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
always: always:
- name: Remove file containing nsupdate commands for deleting TXT record again - name: Remove file containing nsupdate commands for deleting TXT record again
ansible.builtin.file: ansible.builtin.file:
path: /root/nsupdate_delete_txt_record path: /root/nsupdate_delete_txt_record
state: absent state: absent
become: true
delegate_to: "{{ cert__bind_9_host }}" delegate_to: "{{ cert__bind_9_host }}"
- name: Ensure correct permissions for certificate are set - name: Ensure correct permissions for certificate are set