You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36 lines
1.3 KiB
YAML
36 lines
1.3 KiB
YAML
---
|
|
|
|
- meta: flush_handlers
|
|
|
|
- name: "Issue certificate for {{ domain }}"
|
|
become_user: "{{ acme_system_user }}"
|
|
command: >-
|
|
./acme.sh --issue
|
|
--home {{ acme_installation_directory | quote }}
|
|
--config-home {{ acme_configuration_directory | quote }}
|
|
--domain "{{ domain | quote }}"
|
|
--webroot "{{ nginx_validation_root_directory | quote }}"
|
|
--ecc
|
|
--ocsp-must-staple
|
|
args:
|
|
chdir: "{{ acme_installation_directory }}"
|
|
register: acme_issue_result
|
|
changed_when: acme_issue_result.rc != 2 or "Domains not changed" not in acme_issue_result.stdout
|
|
failed_when: acme_issue_result.rc != 0 and "Domains not changed" not in acme_issue_result.stdout
|
|
|
|
- name: "Install certificate for {{ domain }}"
|
|
become_user: "{{ acme_system_user }}"
|
|
command: >-
|
|
./acme.sh --install-cert
|
|
--home {{ acme_installation_directory | quote }}
|
|
--config-home {{ acme_configuration_directory | quote }}
|
|
--domain "{{ domain | quote }}"
|
|
--key-file "{{ acme_key_location | quote }}"
|
|
--fullchain-file "{{ acme_certificate_location | quote }}"
|
|
--reloadcmd "systemctl force-reload nginx"
|
|
args:
|
|
chdir: "{{ acme_installation_directory }}"
|
|
creates: "{{ acme_key_location }}"
|
|
register: acme_install_result
|
|
failed_when: acme_install_result.rc != 0 and "Reload error for" not in acme_install_result.stderr
|