50 lines
1.2 KiB
YAML
50 lines
1.2 KiB
YAML
---
|
|
- name: Include vault variables
|
|
ansible.builtin.include_vars: vault.yml
|
|
|
|
- name: Install needed packages
|
|
become: true
|
|
ansible.builtin.apt:
|
|
name:
|
|
- certbot
|
|
- virtualenv
|
|
state: present
|
|
|
|
- name: Install certbot-dns-infomaniak authenticator
|
|
become: true
|
|
ansible.builtin.pip:
|
|
name: certbot-dns-infomaniak
|
|
state: present
|
|
virtualenv: /etc/letsencrypt/certbot_dns_infomaniak_venv
|
|
|
|
|
|
- name: Copy authenticator credentials file
|
|
become: true
|
|
ansible.builtin.copy:
|
|
dest: /etc/letsencrypt/infomaniak_credentials.ini
|
|
content: "dns_infomaniak_token = {{ infomaniak_api_token }}"
|
|
mode: 0600
|
|
owner: root
|
|
group: root
|
|
|
|
- name: Perform dns-01 challenge
|
|
become: true
|
|
ansible.builtin.command:
|
|
argv:
|
|
- /etc/letsencrypt/certbot_dns_infomaniak_venv/bin/certbot
|
|
- certonly
|
|
- -n
|
|
- --authenticator
|
|
- dns-infomaniak
|
|
- --dns-infomaniak-credentials
|
|
- /etc/letsencrypt/infomaniak_credentials.ini
|
|
- --server
|
|
- https://acme-v02.api.letsencrypt.org/directory
|
|
- --rsa-key-size
|
|
- 4096
|
|
- -d
|
|
- "{{ domain }}"
|
|
- -m
|
|
- "{{ server_admin }}"
|
|
- --agree-tos
|
|
creates: "/etc/letsencrypt/live/{{ domain }}"
|