blob: 16c9fc94e21248fdc64a9fac5f64c81075b75d83 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
---
- name: Install certbot-dns-cloudflare
apt:
name: python3-certbot-dns-cloudflare
- name: Create letsencrypt directory
file:
path: /etc/letsencrypt
state: directory
owner: root
group: root
mode: "0710"
- name: Create letsencrypt configuration
copy:
dest: /etc/letsencrypt/cli.ini
owner: root
group: root
mode: "0700"
content: |
# Let's Encrypt site-wide configuration
dns-cloudflare-credentials = /etc/letsencrypt/dns-cloudflare.ini
# Use the ACME v2 staging URI for testing things
# server = https://acme-staging-v02.api.letsencrypt.org/directory
# Production ACME v2 API endpoint
server = https://acme-v02.api.letsencrypt.org/directory
- name: Create dns-cloudflare configuration
copy:
dest: /etc/letsencrypt/dns-cloudflare.ini
owner: root
group: root
mode: "0700"
content: |
dns_cloudflare_api_token = {{ certbot_cloudflare_api_token }}
- name: Create certificates
import_role:
name: geerlingguy.certbot
vars:
certbot_auto_renew_user: "{{certbot_auto_renew_user}}"
certbot_create_if_missing: "{{certbot_create_if_missing}}"
certbot_install_method: "{{certbot_install_method}}"
certbot_create_method: "{{certbot_create_method}}"
certbot_create_standalone_stop_services: "{{certbot_create_standalone_stop_services}}"
certbot_create_command: "{{certbot_create_command}}"
|