Merge branch 'fix-certbot-auto-install' into 'master'

Fix certbot auto install with Ansible role See merge request !26

Merge branch 'fix-certbot-auto-install' into 'master'
Fix certbot auto install with Ansible role See merge request !26
95b090c9 · Agate · 8b53f6a5 · f953bacf · 95b090c9
Commit 95b090c9 authored 4 years ago by Agate 💬
--- a/tasks/nginx.yml
+++ b/tasks/nginx.yml
@@ -14,23 +14,41 @@
    state: started

 # from https://gist.github.com/mattiaslundberg/ba214a35060d3c8603e9b1ec8627d349
- name: "Download certbot-auto"
+
+- name: Install snapd
+  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
+  become: true
+  package:
+    name: snapd
+    state: present
+
+- name: Prepare snapd for certbot installation
+  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
+  become: true
+  command: snap install core
+  
+- name: Refresh core snap before installing certbot
+  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
+  become: true
+  command: snap refresh core
+  
+- name: Install certbot snap
  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
  become: true
-  get_url:
-    url: https://dl.eff.org/certbot-auto
-    dest: /usr/local/bin/certbot-auto
-    mode: 0750
+  command: snap install --classic certbot

- name: "Install certbot using certbot-auto"
+- name: Link certbot snap installation
  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled
  become: true
-  command: certbot-auto --install-only -n -v
+  file: 
+    src: /snap/bin/certbot
+    dest: /usr/bin/certbot
+    state: link

 - name: Create letsencrypt certificate
  when: funkwhale_nginx_managed and funkwhale_letsencrypt_enabled and not funkwhale_letsencrypt_skip_cert
  become: true
-  command: certbot-auto -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}
+  command: certbot -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}
  args:
    creates: /etc/letsencrypt/live/{{ funkwhale_hostname }}

@@ -40,7 +58,7 @@
  cron:
    name: funkwhale_letsencrypt_renewal
    special_time: weekly
-    job: /usr/local/bin/certbot-auto -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}
+    job: /usr/bin/certbot -v -n certonly --nginx -m {{ funkwhale_letsencrypt_email }} --agree-tos -d {{ funkwhale_hostname }} {{ funkwhale_letsencrypt_certbot_flags }}

 - name: "Create funkwhale proxy file"
  when: funkwhale_nginx_managed