Update certbot role, add Jitsi host

This commit is contained in:
Alexander Dietrich 2020-03-25 16:59:42 +01:00
parent 219f9bf115
commit 21c1c90ef3
4 changed files with 12 additions and 29 deletions

View file

@ -5,6 +5,7 @@ srv01 ansible_host=srv01.hamburg.freifunk.net
srv03 ansible_host=srv03.hamburg.freifunk.net srv03 ansible_host=srv03.hamburg.freifunk.net
[certbot] [certbot]
jitsi
srv01 srv01
#srv02 #srv02

View file

@ -1,5 +1,6 @@
# All flags used by the client can be configured here. Run Certbot with # Because we are using logrotate for greater flexibility, disable the
# "--help" to learn more about the available options. # internal certbot logrotation.
max-log-backups = 0
email = backend@hamburg.freifunk.net email = backend@hamburg.freifunk.net
rsa-key-size = 4096 rsa-key-size = 4096

View file

@ -2,4 +2,4 @@
PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin" PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
service nginx reload systemctl reload nginx

View file

@ -1,38 +1,19 @@
--- ---
- name: create directories - name: install certbot
apt:
name: certbot
cache_valid_time: 86400
- name: create webroot directory
file: file:
path: "{{ item }}" path: /var/www/_acme-challenge
state: directory state: directory
with_items:
- /etc/letsencrypt/renewal-hooks/deploy
- /etc/letsencrypt/renewal-hooks/post
- /etc/letsencrypt/renewal-hooks/pre
- /var/www/_acme-challenge
- name: check for certbot-auto
stat:
path: /usr/local/sbin/certbot-auto
register: certbot
- name: download certbot-auto
get_url:
url: "https://dl.eff.org/certbot-auto"
dest: /usr/local/sbin
mode: 0755
when: not certbot.stat.exists
- name: copy cli.ini - name: copy cli.ini
copy: copy:
src: cli.ini src: cli.ini
dest: /etc/letsencrypt/ dest: /etc/letsencrypt/
- name: create renewal cronjob
cron:
name: "Let's Encrypt certificate renewal"
job: /usr/local/sbin/certbot-auto renew -q
hour: "6"
minute: "0"
- name: populate service facts - name: populate service facts
service_facts: service_facts: