From b536e5c2fb7e29485dc590d6bed1dd7e05fd5910 Mon Sep 17 00:00:00 2001 From: julian Date: Sun, 9 Jul 2023 00:20:00 +0200 Subject: [PATCH] Fix: Add necessary becomes --- playbooks/roles/cert/tasks/deploy_cert.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/playbooks/roles/cert/tasks/deploy_cert.yaml b/playbooks/roles/cert/tasks/deploy_cert.yaml index 328a9c3..bd97ebe 100644 --- a/playbooks/roles/cert/tasks/deploy_cert.yaml +++ b/playbooks/roles/cert/tasks/deploy_cert.yaml @@ -84,10 +84,12 @@ vars: cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" + become: true delegate_to: "{{ cert__bind_9_host }}" - name: Add DNS record to BIND 9 server via nsupdate # noqa: no-changed-when ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_add_txt_record + become: true delegate_to: "{{ cert__bind_9_host }}" - name: Retrieve certificate @@ -110,6 +112,7 @@ ansible.builtin.file: path: /root/nsupdate_add_txt_record state: absent + become: true delegate_to: "{{ cert__bind_9_host }}" - name: Remove TXT record again @@ -124,16 +127,19 @@ vars: cert__nsupdate_domain: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].record }}" cert__nsupdate_txt_data: "{{ cert__acme_challenge.challenge_data[item]['dns-01'].resource_value }}" + become: true delegate_to: "{{ cert__bind_9_host }}" - name: Remove DNS record from BIND 9 server via nsupdate # noqa: no-changed-when ansible.builtin.command: /usr/bin/nsupdate -l /root/nsupdate_delete_txt_record + become: true delegate_to: "{{ cert__bind_9_host }}" always: - name: Remove file containing nsupdate commands for deleting TXT record again ansible.builtin.file: path: /root/nsupdate_delete_txt_record state: absent + become: true delegate_to: "{{ cert__bind_9_host }}" - name: Ensure correct permissions for certificate are set