Commit graph

14 commits

Author SHA1 Message Date
June b536e5c2fb Fix: Add necessary becomes 2023-07-09 00:26:20 +02:00
jtbx b2e9c22821 cert, nginx: Update for debian 12 2023-07-09 00:03:38 +02:00
June 82b64e24c6 Fix variable name
Thanks jtbx for pointing that out!
2023-07-08 23:41:12 +02:00
June 8bc60e42a8 Extend distribution_check role to account for Ansible changes reg. facts
Somewhere between ansible [core 2.14.4] and ansible [core 2.15.0] the
logic for the distribution_version Ansible fact got changed. With the
newer Ansible version Debians distribution_version gets reported as 11.7
as opposed to getting reported as 11 with the old Ansible version. To
still allow for useful distribution checks, extend the
distribution_check role by allowing the specification of
distribution_major_versions and distribution_releases as well.
This way you can check for an Ubuntu version by using
distribution_version (which for example resolves to 18.04, while
distribution_major_version would resolve to 18 in that case) and check
for a Debian version by using distribution_major_version (which for
example resolves to 11, while distribution_version would resolve to 11.7
in that case).
2023-07-08 19:58:02 +02:00
June f4a79fb4e2 Make it possible to set custom permissions for certificate files
This is in preparation for a role using OpenSMTPD.
2023-05-09 22:07:44 +02:00
yuri 1cd0700cf5
Fix filename for include_tasks 2023-05-09 17:20:24 +02:00
yuri 1bcb77961b
Use the .yaml file extension for all YAML files 2023-05-08 19:55:08 +02:00
julian 1a0636307b Use Certbot naming for certificate files 2023-05-01 00:18:59 +02:00
julian aac049efb2 Use BIND 9 server instead of Cloudfl. for DNS-01 challenge via nsupdate
Co-authored-by: Jannik Beyerstedt <code@jannikbeyerstedt.de>
2023-04-27 23:38:14 +02:00
julian 4814ea8bda Use one ACME account key per host
This is nicer for us, since this avoids sharing a secret.
Also put certificate directories in `certs` sub-directory for better
organization.
2023-04-25 18:03:59 +02:00
julian f9c51842fd Make use of become in role 2023-04-25 17:13:10 +02:00
julian 6e9d07b6f6 Add some spacing between tasks 2023-04-25 16:59:02 +02:00
julian f8d89c9742 Use /etc/ansible_certs instead of /certs directory 2023-04-25 16:57:34 +02:00
yuri c407f93b0a
Add initial cert role 2023-04-25 13:49:45 +02:00