Remove letsrenew role
This commit is contained in:
Alexander Dietrich
parent
1eac320d75
commit
15de2e680e
|
|
@ -9,8 +9,3 @@
|
||||||
roles:
|
roles:
|
||||||
- certsync
|
- certsync
|
||||||
tags: certsync
|
tags: certsync
|
||||||
|
|
||||||
- hosts: letsrenew
|
|
||||||
roles:
|
|
||||||
- letsrenew
|
|
||||||
tags: letsrenew
|
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,2 @@
|
||||||
letsencrypt_webroot: /var/www/mail
|
letsencrypt_webroot: /var/www/mail
|
||||||
letsrenew_email: alexander@hamburg.freifunk.net
|
|
||||||
nginx_resolver: 80.252.105.162 80.252.105.194
|
nginx_resolver: 80.252.105.162 80.252.105.194
|
||||||
|
|
|
||||||
|
|
@ -6,10 +6,6 @@ srv04 ansible_host=srv04.hamburg.freifunk.net
|
||||||
[certsync]
|
[certsync]
|
||||||
srv03
|
srv03
|
||||||
|
|
||||||
[letsrenew]
|
|
||||||
srv01
|
|
||||||
srv04
|
|
||||||
|
|
||||||
[updates]
|
[updates]
|
||||||
srv01
|
srv01
|
||||||
srv03
|
srv03
|
||||||
|
|
|
||||||
|
|
@ -1,3 +0,0 @@
|
||||||
---
|
|
||||||
letsencrypt_webroot: /var/www/letsencrypt
|
|
||||||
letsrenew_email: ""
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
||||||
---
|
|
||||||
- name: create /opt/certbot
|
|
||||||
file:
|
|
||||||
path: /opt/certbot
|
|
||||||
mode: 0750
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: download certbot
|
|
||||||
get_url:
|
|
||||||
url: https://raw.githubusercontent.com/certbot/certbot/master/certbot-auto
|
|
||||||
dest: /opt/certbot/certbot-auto
|
|
||||||
mode: 0550
|
|
||||||
|
|
||||||
- name: create webroot path
|
|
||||||
file:
|
|
||||||
path: "{{ letsencrypt_webroot }}"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: create /etc/letsencrypt
|
|
||||||
file:
|
|
||||||
path: /etc/letsencrypt
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: template cli.ini
|
|
||||||
template:
|
|
||||||
src: cli.ini.j2
|
|
||||||
dest: /etc/letsencrypt/cli.ini
|
|
||||||
|
|
||||||
- name: clone letsrenew
|
|
||||||
git:
|
|
||||||
repo: https://github.com/7adietri/letsrenew.git
|
|
||||||
dest: /opt/letsrenew
|
|
||||||
|
|
||||||
- name: create cronjob
|
|
||||||
cron:
|
|
||||||
name: "Let's Encrypt certificate renewal"
|
|
||||||
job: "/opt/letsrenew/letsrenew {{ letsrenew_email }} /opt/certbot/certbot-auto"
|
|
||||||
minute: 0
|
|
||||||
hour: 6
|
|
||||||
weekday: 1
|
|
||||||
|
|
@ -1,27 +0,0 @@
|
||||||
agree-tos = True
|
|
||||||
non-interactive = True
|
|
||||||
renew-by-default = True
|
|
||||||
text = True
|
|
||||||
|
|
||||||
# All flags used by the client can be configured here. Run Certbot with
|
|
||||||
# "--help" to learn more about the available options.
|
|
||||||
#
|
|
||||||
# Note that these options apply automatically to all use of Certbot for
|
|
||||||
# obtaining or renewing certificates, so options specific to a single
|
|
||||||
# certificate on a system with several certificates should not be placed
|
|
||||||
# here.
|
|
||||||
|
|
||||||
# Use a 4096 bit RSA key instead of 2048
|
|
||||||
rsa-key-size = 4096
|
|
||||||
|
|
||||||
# Uncomment and update to register with the specified e-mail address
|
|
||||||
email = backend@hamburg.freifunk.net
|
|
||||||
|
|
||||||
# Uncomment to use the standalone authenticator on port 443
|
|
||||||
# authenticator = standalone
|
|
||||||
# standalone-supported-challenges = tls-sni-01
|
|
||||||
|
|
||||||
# Uncomment to use the webroot authenticator. Replace webroot-path with the
|
|
||||||
# path to the public_html / webroot folder being served by your web server.
|
|
||||||
authenticator = webroot
|
|
||||||
webroot-path = {{ letsencrypt_webroot }}
|
|
||||||
Loading…
Reference in a new issue