commit 8b6c745801e9422c3a8d2046ceb88156573354c4 Author: Jeff Geerling Date: Tue Mar 8 10:49:09 2016 -0600 Initial commit. diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..9323e54 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,53 @@ +--- +sudo: required + +env: + - distribution: centos + version: 6 + init: /sbin/init + run_opts: "" + - distribution: centos + version: 7 + init: /usr/lib/systemd/systemd + run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" + - distribution: ubuntu + version: 14.04 + init: /sbin/init + run_opts: "" + - distribution: ubuntu + version: 12.04 + init: /sbin/init + run_opts: "" + +services: + - docker + +before_install: + # Pull container + - 'sudo docker pull ${distribution}:${version}' + # Customize container + - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' + +script: + - container_id=$(mktemp) + # Run container in detached state + - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' + + # Ansible syntax check. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check' + + # Test role. + - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' + + # Test role idempotence. + - > + sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml + | grep -q 'changed=0.*failed=0' + && (echo 'Idempotence test: pass' && exit 0) + || (echo 'Idempotence test: fail' && exit 1) + + # Clean up + - 'sudo docker stop "$(cat ${container_id})"' + +notifications: + webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..7e5f8e9 --- /dev/null +++ b/README.md @@ -0,0 +1,31 @@ +# Ansible Role: Let's Encrypt + +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-letsencrypt.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-letsencrypt) + +Installs Let's Encrypt for RHEL/CentOS or Debian/Ubuntu. + +## Requirements + +Let's Encrypt requires `git` to be installed. You can install using the `geerlingguy.git` role. + +## Role Variables + +None. + +## Dependencies + +None. + +## Example Playbook + + - hosts: servers + roles: + - geerlingguy.letsencrypt + +## License + +MIT / BSD + +## Author Information + +This role was created in 2016 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..6359404 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,6 @@ +--- +letsencrypt_repo: https://github.com/letsencrypt/letsencrypt +letsencrypt_version: master +letsencrypt_keep_updated: yes + +letsencrypt_dir: /opt/letsencrypt diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..9fa4d47 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# TODO diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..385b0cd --- /dev/null +++ b/meta/main.yml @@ -0,0 +1,24 @@ +--- +dependencies: [] + +galaxy_info: + author: geerlingguy + description: "Let's Encrypt for RHEL/CentOS and Debian/Ubuntu." + company: "Midwestern Mac, LLC" + license: "license (BSD, MIT)" + min_ansible_version: 1.8 + platforms: + - name: EL + versions: + - 6 + - 7 + - name: Ubuntu + versions: + - all + - name: Debian + versions: + - all + galaxy_tags: + - networking + - system + - web diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..9a10d4c --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: Clone Let's Encrypt into configured directory. + git: + repo: "{{ letsencrypt_repo }}" + dest: "{{ letsencrypt_dir }}" + version: "{{ letsencrypt_version }}" + update: "{{ letsencrypt_keep_updated }}" diff --git a/tests/Dockerfile.centos-6 b/tests/Dockerfile.centos-6 new file mode 100644 index 0000000..7df05ff --- /dev/null +++ b/tests/Dockerfile.centos-6 @@ -0,0 +1,19 @@ +FROM centos:6 + +# Install Ansible +RUN yum -y update; yum clean all; +RUN yum -y install epel-release +RUN yum -y install git python-setuptools gcc sudo libffi-devel python-devel openssl-devel +RUN yum clean all +RUN easy_install pip +RUN pip install ansible + + +# Disable requiretty +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +# Install Ansible inventory file +RUN mkdir - p /etc/ansible +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +CMD ["/usr/sbin/init"] diff --git a/tests/Dockerfile.centos-7 b/tests/Dockerfile.centos-7 new file mode 100644 index 0000000..ded17f1 --- /dev/null +++ b/tests/Dockerfile.centos-7 @@ -0,0 +1,29 @@ +FROM centos:7 + +# Install systemd -- See https://hub.docker.com/_/centos/ +RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs +RUN yum -y update; yum clean all; \ +(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ +rm -f /lib/systemd/system/multi-user.target.wants/*; \ +rm -f /etc/systemd/system/*.wants/*; \ +rm -f /lib/systemd/system/local-fs.target.wants/*; \ +rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ +rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ +rm -f /lib/systemd/system/basic.target.wants/*; \ +rm -f /lib/systemd/system/anaconda.target.wants/*; + +# Install Ansible +RUN yum -y install git python-setuptools gcc sudo libffi-devel python-devel openssl-devel +RUN yum clean all +RUN easy_install pip +RUN pip install ansible + +# Disable requiretty +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +# Install Ansible inventory file +RUN mkdir - p /etc/ansible +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +VOLUME ["/sys/fs/cgroup"] +CMD ["/usr/sbin/init"] diff --git a/tests/Dockerfile.ubuntu-12.04 b/tests/Dockerfile.ubuntu-12.04 new file mode 100644 index 0000000..d0c130c --- /dev/null +++ b/tests/Dockerfile.ubuntu-12.04 @@ -0,0 +1,11 @@ +FROM ubuntu:12.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common python-software-properties git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/Dockerfile.ubuntu-14.04 b/tests/Dockerfile.ubuntu-14.04 new file mode 100644 index 0000000..ca33287 --- /dev/null +++ b/tests/Dockerfile.ubuntu-14.04 @@ -0,0 +1,11 @@ +FROM ubuntu:14.04 +RUN apt-get update + +# Install Ansible +RUN apt-get install -y software-properties-common git +RUN apt-add-repository -y ppa:ansible/ansible +RUN apt-get update +RUN apt-get install -y ansible + +# Install Ansible inventory file +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..3646ff4 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: all + + roles: + - role_under_test diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..352aad7 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,2 @@ +--- +samba_daemon: smbd diff --git a/vars/RedHat.yml b/vars/RedHat.yml new file mode 100644 index 0000000..9f01c5d --- /dev/null +++ b/vars/RedHat.yml @@ -0,0 +1,2 @@ +--- +samba_daemon: smb