---
# Distribution package that provides certbot's Cloudflare DNS-01 plugin.
- name: Install certbot-dns-cloudflare
  apt:
    name: python3-certbot-dns-cloudflare
    # Explicit form of the module default; the package is only installed
    # if it is missing, never upgraded by this task.
    state: present
# Create the certbot configuration root before any file is written into it.
- name: Create letsencrypt directory
  file:
    state: directory
    path: /etc/letsencrypt
    # 0710: root has full access, group root may traverse but not list,
    # everyone else has no access.
    mode: "0710"
    owner: root
    group: root
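# Site-wide certbot defaults. The file points certbot at the Cloudflare
# credentials file and at the production ACME v2 endpoint.
- name: Create letsencrypt configuration
  copy:
    dest: /etc/letsencrypt/cli.ini
    owner: root
    group: root
    # An INI file is never executed, so the execute bit is dropped.
    # Access stays limited to the owner (was "0700").
    mode: "0600"
    content: |
      # Let's Encrypt site-wide configuration
      dns-cloudflare-credentials = /etc/letsencrypt/dns-cloudflare.ini
      # Use the ACME v2 staging URI for testing things
      # server = https://acme-staging-v02.api.letsencrypt.org/directory
      # Production ACME v2 API endpoint
      server = https://acme-v02.api.letsencrypt.org/directory
      # Because we are using logrotate for greater flexibility, disable the
      # internal certbot logrotation.
      max-log-backups = 0
      # Adjust interactive output regarding automated renewal
      preconfigured-renewal = True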
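# Write the Cloudflare API token that certbot uses to answer DNS-01
# challenges. Anyone who can read this file can edit DNS records within
# the token's scope.
# NOTE(review): certbot_cloudflare_api_token is defined outside this file;
# confirm it comes from Ansible Vault or a secrets store and that the
# token is limited to Zone:DNS:Edit on the zones that need certificates.
- name: Create dns-cloudflare configuration
  copy:
    dest: /etc/letsencrypt/dns-cloudflare.ini
    owner: root
    group: root
    # Credentials file: owner read/write only, no execute bit (was "0700").
    mode: "0600"
    content: |
      dns_cloudflare_api_token = {{ certbot_cloudflare_api_token }}
  # Keep the rendered token out of task output, --diff output and
  # callback or log plugins.
  no_log: true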
# Hand over to the third-party Galaxy role for issuance and renewal.
# The role is imported statically and runs after the tasks above in
# this file.
# NOTE(review): the role's variables and its pinned version are not
# visible here; confirm requirements.yml pins geerlingguy.certbot to a
# reviewed release rather than tracking the latest.
- name: Create certificates
  import_role:
    name: 'geerlingguy.certbot'