ramble-hard/lets_encrypt

2 years ago · 60955c1789
parent 7a78a84621
commit 60955c1789
2 changed files with 29 additions and 0 deletions
--- a/ramble-hard/lets_encrypt.yml
+++ b/ramble-hard/lets_encrypt.yml
@ -0,0 +1,27 @@
 - hosts: ramble-hard
  tasks:
  - name: install certbot
    package:
      name:
        - certbot
  - name: stop nginx
    service:
      name: nginx
      state: stopped
  - command: >
      certbot certonly --standalone --preferred-challenges http
      -n --agree-tos -m {{ lets_encrypt_email }}
      -d {{ item }}
    loop: "{{ lets_encrypt_tlds }}"
  - service:
      name: nginx
      state: started
  - template:
      src: lets_encrypt/renew-certs
      dest: /etc/cron.daily/renew-certs
      mode: +x
--- a/ramble-hard/lets_encrypt/renew-certs
+++ b/ramble-hard/lets_encrypt/renew-certs
@ -0,0 +1,2 @@
 #!/bin/sh
 certbot renew -w /var/lib/letsencrypt/ --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"
		`@ -0,0 +1,2 @@`
							`#!/bin/sh`
							`certbot renew -w /var/lib/letsencrypt/ --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"`