Skip to content
Snippets Groups Projects
Commit 95b090c9 authored by Agate's avatar Agate :speech_balloon:
Browse files

Merge branch 'fix-certbot-auto-install' into 'master' 

Fix certbot auto install with Ansible role

See merge request !26
parents 8b53f6a5 f953bacf
Branches
Tags
1 merge request!26Fix certbot auto install with Ansible role
Pipeline #16238 failed
Stage: test
Stage: deploy
Show whitespace changes
Inline Side-by-side
Showing
with 27 additions and 9 deletions
tasks/nginx.yml
+ 27
9
View file @ 95b090c9
...@@ -14,23 +14,41 @@ ...@@ -14,23 +14,41 @@
state: started state: started
# from https://gist.github.com/mattiaslundberg/ba214a35060d3c8603e9b1ec8627d349 # from https://gist.github.com/mattiaslundberg/ba214a35060d3c8603e9b1ec8627d349
- name: "Download certbot-auto"
- name: Install snapd
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
become: true
package:
name: snapd
state: present
- name: Prepare snapd for certbot installation
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
become: true
command: snap install core
- name: Refresh core snap before installing certbot
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
become: true
command: snap refresh core
- name: Install certbot snap
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
become: true become: true
get_url: command: snap install --classic certbot
url: https://dl.eff.org/certbot-auto
dest: /usr/local/bin/certbot-auto
mode: 0750
- name: "Install certbot using certbot-auto" - name: Link certbot snap installation
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
become: true become: true
command: certbot-auto --install-only -n -v file:
src: /snap/bin/certbot
dest: /usr/bin/certbot
state: link
- name: Create letsencrypt certificate - name: Create letsencrypt certificate
when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled and not funkwhale_letsencrypt_skip_cert when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled and not funkwhale_letsencrypt_skip_cert
become: true become: true
command: certbot-auto -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }} command: certbot -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}
args: args:
creates: /etc/letsencrypt/live/{{ funkwhale_hostname }} creates: /etc/letsencrypt/live/{{ funkwhale_hostname }}
...@@ -40,7 +58,7 @@ ...@@ -40,7 +58,7 @@
cron: cron:
name: funkwhale_letsencrypt_renewal name: funkwhale_letsencrypt_renewal
special_time: weekly special_time: weekly
job: /usr/local/bin/certbot-auto -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }} job: /usr/bin/certbot -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}
- name: "Create funkwhale proxy file" - name: "Create funkwhale proxy file"
when: funkwhale_nginx_managed when: funkwhale_nginx_managed
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment