Conditionnaly run DNS-01 or HTTP-01 for certificates

Tunui Franken 2024-03-08 09:59:23 +01:00
parent f64784fafa
commit f27a0901c5
3 changed files with 59 additions and 1 deletions


@ -5,10 +5,25 @@
- name: Install mail server - name: Install mail server
gather_facts: true gather_facts: true
hosts: mailserver,mailserver-test hosts: mailserver,mailserver-test
pre_tasks:
- name: Get local public IP
tags: cert
ansible.builtin.uri:
url: https://ipinfo.io/ip
return_content: true
register: local_public_ip
- name: Get public IP of "{{ letsencrypt_domain }}"
tags: cert
ansible.builtin.set_fact:
target_public_ip: "{{ lookup('community.general.dig', letsencrypt_domain, '@1.1.1.1') }}"
roles: roles:
- role: common_handlers - role: common_handlers
tags: always tags: always
- role: add_cert_http_01
when: local_public_ip == target_public_ip
tags: cert
- role: add_cert_dns_01 - role: add_cert_dns_01
when: local_public_ip != target_public_ip
tags: cert tags: cert
- role: mailserver_database - role: mailserver_database
tags: database tags: database


@ -1,5 +1,26 @@
--- ---
- name: Deploy letsencrypt certificate
- name: Get local public IP
ansible.builtin.uri:
url: https://ipinfo.io/ip
return_content: true
register: local_public_ip
- name: Get public IP of "{{ forgejo_domain }}"
ansible.builtin.set_fact:
target_public_ip: "{{ lookup('community.general.dig', forgejo_domain, '@1.1.1.1') }}"
- name: Deploy letsencrypt certificate (HTTP-01)
when: local_public_ip == target_public_ip
ansible.builtin.include_role:
name: add_cert_http_01
vars:
letsencrypt_domain: "{{ forgejo_domain }}"
letsencrypt_email: "{{ forgejo_server_admin }}"
letsencrypt_post_hook: systemctl restart apache2
- name: Deploy letsencrypt certificate (DNS-01)
when: local_public_ip != target_public_ip
ansible.builtin.include_role: ansible.builtin.include_role:
name: add_cert_dns_01 name: add_cert_dns_01
vars: vars:
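Review bot: The result of the `dig` lookup in `Get public IP of "{{ forgejo_domain }}"` is tested for plain equality, which can only hold when the name resolves to exactly one A record. As far as I know `community.general.dig` joins several records with commas and returns the string `NXDOMAIN` for a name that does not resolve, so both cases would silently fall through to DNS-01. A membership test such as `local_public_ip.content | trim in target_public_ip.split(',')` would cover multi-record names, and an `ansible.builtin.assert` on the lookup result before the two deploy tasks would make a failed resolution visible instead of implicit. The `vars:` of the DNS-01 task continue outside the hunk.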


@ -1,10 +1,32 @@
--- ---
- name: Get local public IP
ansible.builtin.uri:
url: https://ipinfo.io/ip
return_content: true
register: local_public_ip
- name: Get public IP of "{{ tunuifranken_domain }}"
ansible.builtin.set_fact:
target_public_ip: "{{ lookup('community.general.dig', tunuifranken_domain, '@1.1.1.1') }}"
- name: Deploy letsencrypt certificate (HTTP-01)
when: local_public_ip == target_public_ip
ansible.builtin.include_role:
name: add_cert_http_01
vars:
letsencrypt_domain: "{{ tunuifranken_domain }}"
letsencrypt_email: "{{ tunuifranken_server_admin }}"
letsencrypt_post_hook: systemctl restart apache2
- name: Deploy letsencrypt certificate - name: Deploy letsencrypt certificate
when: local_public_ip != target_public_ip
ansible.builtin.include_role: ansible.builtin.include_role:
name: add_cert_dns_01 name: add_cert_dns_01
vars: vars:
letsencrypt_domain: "{{ tunuifranken_domain }}" letsencrypt_domain: "{{ tunuifranken_domain }}"
letsencrypt_email: "{{ tunuifranken_server_admin }}" letsencrypt_email: "{{ tunuifranken_server_admin }}"
letsencrypt_post_hook: systemctl restart apache2
- name: Create tunuifranken directory - name: Create tunuifranken directory
become: true become: true
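Review bot: The DNS-01 task here is still named `Deploy letsencrypt certificate`, while the matching task in the forgejo role was renamed; `- name: Deploy letsencrypt certificate (DNS-01)` would keep the play output consistent with the new HTTP-01 task above it. The two lookup tasks are now copied in three places with only the domain variable changing, so moving them into one shared task file that takes the domain as a variable would keep the challenge-selection logic in a single place. A comment above the `when:` lines stating the rule would also help, e.g. `# HTTP-01 only when the domain resolves to this host's public address; otherwise DNS-01`. The file continues past the end of the hunk.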