Fix Ansible lint issues.

pull/62/head
Jeff Geerling 6 years ago
parent e14d6eb04a
commit 5da6dd18cd
  1. 6
      README.md
  2. 23
      defaults/main.yml
  3. 27
      molecule/default/playbook-standalone-nginx-aws.yml
  4. 2
      tasks/install-from-source.yml
  5. 1
      vars/Ubuntu-16.04.yml

@ -28,7 +28,7 @@ Currently there is one built-in method for generating new certificates using thi
**For a complete example**: see the fully functional test playbook in [tests/test-standalone-nginx-aws.yml](tests/test-standalone-nginx-aws.yml). **For a complete example**: see the fully functional test playbook in [tests/test-standalone-nginx-aws.yml](tests/test-standalone-nginx-aws.yml).
certbot_create_if_missing: no certbot_create_if_missing: false
certbot_create_method: standalone certbot_create_method: standalone
Set `certbot_create_if_missing` to `yes` or `True` to let this role generate certs. Set the method used for generating certs with the `certbot_create_method` variable—current allowed values include: `standalone`. Set `certbot_create_if_missing` to `yes` or `True` to let this role generate certs. Set the method used for generating certs with the `certbot_create_method` variable—current allowed values include: `standalone`.
@ -64,10 +64,10 @@ These services will only be stopped the first time a new cert is generated.
You can install Certbot from it's Git source repository if desired. This might be useful in several cases, but especially when older distributions don't have Certbot packages available (e.g. CentOS < 7, Ubuntu < 16.10 and Debian < 8). You can install Certbot from it's Git source repository if desired. This might be useful in several cases, but especially when older distributions don't have Certbot packages available (e.g. CentOS < 7, Ubuntu < 16.10 and Debian < 8).
certbot_install_from_source: no certbot_install_from_source: false
certbot_repo: https://github.com/certbot/certbot.git certbot_repo: https://github.com/certbot/certbot.git
certbot_version: master certbot_version: master
certbot_keep_updated: yes certbot_keep_updated: true
Certbot Git repository options. To install from source, set `certbot_install_from_source` to `yes`. This clones the configured `certbot_repo`, respecting the `certbot_version` setting. If `certbot_keep_updated` is set to `yes`, the repository is updated every time this role runs. Certbot Git repository options. To install from source, set `certbot_install_from_source` to `yes`. This clones the configured `certbot_repo`, respecting the `certbot_version` setting. If `certbot_keep_updated` is set to `yes`, the repository is updated every time this role runs.

@ -7,17 +7,20 @@ certbot_auto_renew_minute: 30
certbot_auto_renew_options: "--quiet --no-self-upgrade" certbot_auto_renew_options: "--quiet --no-self-upgrade"
# Parameters used when creating new Certbot certs. # Parameters used when creating new Certbot certs.
certbot_create_if_missing: no certbot_create_if_missing: false
certbot_create_method: standalone certbot_create_method: standalone
certbot_admin_email: email@example.com certbot_admin_email: email@example.com
certbot_certs: [] certbot_certs: []
# - email: janedoe@example.com # - email: janedoe@example.com
# domains: # domains:
# - example1.com # - example1.com
# - example2.com # - example2.com
# - domains: # - domains:
# - example3.com # - example3.com
certbot_create_command: "{{ certbot_script }} certonly --standalone --noninteractive --agree-tos --email {{ cert_item.email | default(certbot_admin_email) }} -d {{ cert_item.domains | join(',') }}" certbot_create_command: >-
"{{ certbot_script }} certonly --standalone --noninteractive --agree-tos
--email {{ cert_item.email | default(certbot_admin_email) }}
-d {{ cert_item.domains | join(',') }}"
certbot_create_standalone_stop_services: certbot_create_standalone_stop_services:
- nginx - nginx
# - apache # - apache
@ -25,10 +28,10 @@ certbot_create_standalone_stop_services:
# To install from source (on older OSes or if you need a specific or newer # To install from source (on older OSes or if you need a specific or newer
# version of Certbot), set this variable to `yes` and configure other options. # version of Certbot), set this variable to `yes` and configure other options.
certbot_install_from_source: no certbot_install_from_source: false
certbot_repo: https://github.com/certbot/certbot.git certbot_repo: https://github.com/certbot/certbot.git
certbot_version: master certbot_version: master
certbot_keep_updated: yes certbot_keep_updated: true
# Where to put Certbot when installing from source. # Where to put Certbot when installing from source.
certbot_dir: /opt/certbot certbot_dir: /opt/certbot

@ -9,7 +9,7 @@
# Play 1: Provision EC2 instance and A record. # Play 1: Provision EC2 instance and A record.
- hosts: localhost - hosts: localhost
connection: local connection: local
gather_facts: no gather_facts: false
tasks: tasks:
- name: Configure EC2 Security Group. - name: Configure EC2 Security Group.
@ -50,9 +50,10 @@
Name: "certbot-standalone-nginx-test" Name: "certbot-standalone-nginx-test"
group: ['default', 'certbot_test_http'] group: ['default', 'certbot_test_http']
instance_type: t2.micro instance_type: t2.micro
image: ami-02e98f78 # CentOS Linux 7 x86_64 HVM EBS # CentOS Linux 7 x86_64 HVM EBS
image: ami-02e98f78
region: "us-east-1" region: "us-east-1"
wait: yes wait: true
wait_timeout: 500 wait_timeout: 500
exact_count: 1 exact_count: 1
count_tag: count_tag:
@ -68,25 +69,25 @@
type: A type: A
ttl: 300 ttl: 300
value: "{{ created_instance.tagged_instances.0.public_ip }}" value: "{{ created_instance.tagged_instances.0.public_ip }}"
wait: yes wait: true
overwrite: yes overwrite: true
- name: Add EC2 instance to inventory groups. - name: Add EC2 instance to inventory groups.
add_host: add_host:
name: "certbot-test.servercheck.in" name: "certbot-test.servercheck.in"
groups: "aws,aws_nginx" groups: "aws,aws_nginx"
ansible_ssh_user: centos ansible_ssh_user: centos
host_key_checking: False host_key_checking: false
when: created_instance.tagged_instances.0.id is defined when: created_instance.tagged_instances.0.id is defined
# Play 2: Configure EC2 instance with Certbot and Nginx. # Play 2: Configure EC2 instance with Certbot and Nginx.
- hosts: aws_nginx - hosts: aws_nginx
gather_facts: yes gather_facts: true
become: yes become: true
vars: vars:
certbot_admin_email: https@servercheck.in certbot_admin_email: https@servercheck.in
certbot_create_if_missing: yes certbot_create_if_missing: true
certbot_create_standalone_stop_services: [] certbot_create_standalone_stop_services: []
certbot_certs: certbot_certs:
- domains: - domains:
@ -107,7 +108,7 @@
pre_tasks: pre_tasks:
- name: Update apt cache. - name: Update apt cache.
apt: update_cache=yes cache_valid_time=600 apt: update_cache=true cache_valid_time=600
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
changed_when: false changed_when: false
@ -135,12 +136,12 @@
url: https://certbot-test.servercheck.in/ url: https://certbot-test.servercheck.in/
status_code: 200 status_code: 200
delegate_to: localhost delegate_to: localhost
become: no become: false
# Play 3: Tear down EC2 instance and A record. # Play 3: Tear down EC2 instance and A record.
- hosts: localhost - hosts: localhost
connection: local connection: local
gather_facts: no gather_facts: false
tasks: tasks:
- name: Destroy EC2 instance. - name: Destroy EC2 instance.
@ -149,7 +150,7 @@
instance_ids: ["{{ created_instance.tagged_instances.0.id }}"] instance_ids: ["{{ created_instance.tagged_instances.0.id }}"]
region: "us-east-1" region: "us-east-1"
state: absent state: absent
wait: yes wait: true
wait_timeout: 500 wait_timeout: 500
- name: Delete Security Group. - name: Delete Security Group.

@ -5,7 +5,7 @@
dest: "{{ certbot_dir }}" dest: "{{ certbot_dir }}"
version: "{{ certbot_version }}" version: "{{ certbot_version }}"
update: "{{ certbot_keep_updated }}" update: "{{ certbot_keep_updated }}"
force: yes force: true
- name: Set Certbot script variable. - name: Set Certbot script variable.
set_fact: set_fact:

@ -1 +1,2 @@
---
certbot_package: letsencrypt certbot_package: letsencrypt

Loading…
Cancel
Save