Add certbot command for HTTP-01 challenge
parent
2b80d8b762
commit
ab2ec4f933
1 changed files with 28 additions and 0 deletions
|
@ -54,3 +54,31 @@
|
||||||
dest: /etc/nftables/input.d/http-certbot.conf
|
dest: /etc/nftables/input.d/http-certbot.conf
|
||||||
mode: 0640
|
mode: 0640
|
||||||
notify: Reload nftables service
|
notify: Reload nftables service
|
||||||
|
|
||||||
|
- name: Set letsencrypt http-01 challenge argv
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
letsencrypt_http_01_challenge_argv:
|
||||||
|
- /usr/bin/certbot
|
||||||
|
- certonly
|
||||||
|
- -n
|
||||||
|
- --webroot
|
||||||
|
- --webroot-path
|
||||||
|
- /var/www/acme
|
||||||
|
- -d
|
||||||
|
- "{{ letsencrypt_domain }}"
|
||||||
|
- -m
|
||||||
|
- "{{ letsencrypt_email }}"
|
||||||
|
- --agree-tos
|
||||||
|
- --post-hook
|
||||||
|
- "{{ letsencrypt_post_hook }}"
|
||||||
|
|
||||||
|
- name: Set letsencrypt http-01 challenge argv (staging)
|
||||||
|
when: ansible_hostname.endswith('-test')
|
||||||
|
ansible.builtin.set_fact:
|
||||||
|
letsencrypt_http_01_challenge_argv: "{{ letsencrypt_http_01_challenge_argv + ['--test-cert'] }}"
|
||||||
|
|
||||||
|
- name: Perform http-01 challenge
|
||||||
|
become: true
|
||||||
|
ansible.builtin.command:
|
||||||
|
argv: "{{ letsencrypt_http_01_challenge_argv }}"
|
||||||
|
creates: "/etc/letsencrypt/live/{{ letsencrypt_domain }}"
|
||||||
|
|
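Review bot: The `--post-hook` value in the "Set letsencrypt http-01 challenge argv" task is handed to certbot, which runs it through a shell, and the "Perform http-01 challenge" task runs with `become: true`, so `letsencrypt_post_hook` is in effect a root shell command even though the task itself uses `argv`. certbot also records the hook in the lineage's renewal configuration, so it runs again on later renewals. I would add a comment above that entry such as `# run by certbot in a root shell and saved for renewals; set letsencrypt_post_hook from trusted inventory only`, and document the variable where the role's defaults are described. Separately, the `creates:` guard assumes the lineage directory is named exactly after `letsencrypt_domain`; adding `- --cert-name` and `- "{{ letsencrypt_domain }}"` to the argv would pin that name so the guard and the issued certificate cannot drift apart.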