Update certbot role, add Jitsi host
This commit is contained in:
parent
219f9bf115
commit
21c1c90ef3
|
@ -5,6 +5,7 @@ srv01 ansible_host=srv01.hamburg.freifunk.net
|
||||||
srv03 ansible_host=srv03.hamburg.freifunk.net
|
srv03 ansible_host=srv03.hamburg.freifunk.net
|
||||||
|
|
||||||
[certbot]
|
[certbot]
|
||||||
|
jitsi
|
||||||
srv01
|
srv01
|
||||||
#srv02
|
#srv02
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
# All flags used by the client can be configured here. Run Certbot with
|
# Because we are using logrotate for greater flexibility, disable the
|
||||||
# "--help" to learn more about the available options.
|
# internal certbot logrotation.
|
||||||
|
max-log-backups = 0
|
||||||
|
|
||||||
email = backend@hamburg.freifunk.net
|
email = backend@hamburg.freifunk.net
|
||||||
rsa-key-size = 4096
|
rsa-key-size = 4096
|
||||||
|
|
|
@ -2,4 +2,4 @@
|
||||||
|
|
||||||
PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
|
PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
|
||||||
|
|
||||||
service nginx reload
|
systemctl reload nginx
|
||||||
|
|
|
@ -1,38 +1,19 @@
|
||||||
---
|
---
|
||||||
- name: create directories
|
- name: install certbot
|
||||||
|
apt:
|
||||||
|
name: certbot
|
||||||
|
cache_valid_time: 86400
|
||||||
|
|
||||||
|
- name: create webroot directory
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: /var/www/_acme-challenge
|
||||||
state: directory
|
state: directory
|
||||||
with_items:
|
|
||||||
- /etc/letsencrypt/renewal-hooks/deploy
|
|
||||||
- /etc/letsencrypt/renewal-hooks/post
|
|
||||||
- /etc/letsencrypt/renewal-hooks/pre
|
|
||||||
- /var/www/_acme-challenge
|
|
||||||
|
|
||||||
- name: check for certbot-auto
|
|
||||||
stat:
|
|
||||||
path: /usr/local/sbin/certbot-auto
|
|
||||||
register: certbot
|
|
||||||
|
|
||||||
- name: download certbot-auto
|
|
||||||
get_url:
|
|
||||||
url: "https://dl.eff.org/certbot-auto"
|
|
||||||
dest: /usr/local/sbin
|
|
||||||
mode: 0755
|
|
||||||
when: not certbot.stat.exists
|
|
||||||
|
|
||||||
- name: copy cli.ini
|
- name: copy cli.ini
|
||||||
copy:
|
copy:
|
||||||
src: cli.ini
|
src: cli.ini
|
||||||
dest: /etc/letsencrypt/
|
dest: /etc/letsencrypt/
|
||||||
|
|
||||||
- name: create renewal cronjob
|
|
||||||
cron:
|
|
||||||
name: "Let's Encrypt certificate renewal"
|
|
||||||
job: /usr/local/sbin/certbot-auto renew -q
|
|
||||||
hour: "6"
|
|
||||||
minute: "0"
|
|
||||||
|
|
||||||
- name: populate service facts
|
- name: populate service facts
|
||||||
service_facts:
|
service_facts:
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue