diff --git a/.travis.yml b/.travis.yml
index 27f0436..b204899 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -10,8 +10,8 @@ env:
 - MOLECULE_DISTRO: centos7
 - MOLECULE_DISTRO: centos6
 MOLECULE_PLAYBOOK: playbook-source-install.yml
+ - MOLECULE_DISTRO: ubuntu2004
 - MOLECULE_DISTRO: ubuntu1804
- - MOLECULE_DISTRO: ubuntu1604
 - MOLECULE_DISTRO: debian10
 before_install:
diff --git a/defaults/main.yml b/defaults/main.yml
index 7002b26..0250b36 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,10 +1,12 @@
 ---
 # Certbot auto-renew cron job configuration (for certificate renewals).
+certbot_test: false
 certbot_auto_renew: true
 certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
 certbot_auto_renew_hour: "3"
 certbot_auto_renew_minute: "30"
-certbot_auto_renew_options: "--quiet --no-self-upgrade"
+certbot_auto_renew_options: >-
+ --quiet --no-self-upgrade --dns-route53 {%if certbot_test%}--test{%endif%}
 # Parameters used when creating new Certbot certs.
 certbot_create_if_missing: false
@@ -18,9 +20,9 @@ certbot_certs: []
 # - domains:
 # - example3.com
 certbot_create_command: >-
- {{ certbot_script }} certonly --standalone --noninteractive --agree-tos
- --email {{ cert_item.email | default(certbot_admin_email) }}
- -d {{ cert_item.domains | join(',') }}
+ {{ certbot_script }} certonly --noninteractive --agree-tos
+ --email {{ cert_item.email | default(certbot_admin_email) }} --dns-route53
+ -d {{ cert_item.domains | join(",") }} {%if certbot_test%}--test{%endif%}
 certbot_create_standalone_stop_services:
 - nginx
diff --git a/meta/main.yml b/meta/main.yml
index 15d8538..80bddaa 100644
--- a/meta/main.yml
+++ b/meta/main.yml
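Review bot: `--test` at the end of `certbot_auto_renew_options` (and again at the end of `certbot_create_command` in the next hunk of defaults/main.yml) is not a spelling Certbot documents; the documented options for the staging CA are `--test-cert` / `--staging`, with `--dry-run` for a rehearsal that saves nothing. If `--test` is accepted at all it is presumably through option-prefix matching, which stops working as soon as a second option with the same prefix exists, and the molecule run that sets `certbot_test: true` would then either fail or talk to the production endpoint. I would write `{% if certbot_test %}--test-cert{% endif %}` in both places and add a comment above `certbot_test: false` such as `# Set to true to issue and renew against the Let's Encrypt staging environment.`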
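Review bot: With `--standalone` replaced by `--dns-route53` in `certbot_create_command` (and the same flag appended to the renew options in the previous hunk), every issuance and every cron renewal needs AWS credentials readable by the account named in `certbot_auto_renew_user`, and nothing in the visible defaults says where they come from. That deserves a comment above `certbot_create_command`, for example `# Requires AWS credentials for the renew user; use a dedicated IAM identity limited to Route 53 record changes in the hosted zone(s) of the listed domains.` A leaked general-purpose key on the host could rewrite DNS for the whole zone, so an instance role or a tightly scoped policy is the safer default to document. `certbot_create_standalone_stop_services` is left in place below although the standalone authenticator is no longer used; whether the stop/start tasks still run cannot be seen from this hunk.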
@@ -1,9 +1,15 @@
 ---
-dependencies: []
+dependencies:
+ - role: geerlingguy.pip
+ vars:
+ pip_install_packages:
+ - name: awscli
+
+allow_duplicates: true
 galaxy_info:
 role_name: certbot
- author: geerlingguy
+ author: thiagoalmeidasa
 description: "Installs and configures Certbot (for Let's Encrypt)."
 company: "Midwestern Mac, LLC"
 license: "license (BSD, MIT)"
@@ -33,3 +39,5 @@ galaxy_info:
 - certificates
 - ssl
 - https
+ - awscli
+ - route53
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
index 9d6e5e7..c9570a1 100644
--- a/molecule/default/converge.yml
+++ b/molecule/default/converge.yml
@@ -5,22 +5,29 @@
 vars:
 certbot_auto_renew_user: root
+ certbot_test: true
 pre_tasks:
 - name: Update apt cache.
- apt: update_cache=yes cache_valid_time=600
+ apt:
+ update_cache: true
+ cache_valid_time: 600
 when: ansible_os_family == 'Debian'
 changed_when: false
 - name: Install dependencies (RedHat).
- yum: name={{ item }} state=present
+ yum:
+ name: "{{ item }}"
+ state: present
 when: ansible_os_family == 'RedHat'
 with_items:
 - cronie
 - epel-release
 - name: Install cron (Debian).
- apt: name=cron state=present
+ apt:
+ name: cron
+ state: present
 when: ansible_os_family == 'Debian'
 roles:
diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml
index 0b31312..dc43371 100644
--- a/molecule/default/requirements.yml
+++ b/molecule/default/requirements.yml
@@ -1,3 +1,4 @@
 ---
+- src: geerlingguy.pip
 - src: geerlingguy.git
 - src: geerlingguy.nginx
diff --git a/tasks/install-from-source.yml b/tasks/install-from-source.yml
index daee685..a992749 100644
--- a/tasks/install-from-source.yml
+++ b/tasks/install-from-source.yml
@@ -7,6 +7,12 @@
 update: "{{ certbot_keep_updated }}"
 force: true
+- name: Install Certbot route53 plugin.
+ package:
+ name:
+ - python3-certbot-dns-route53
+ state: present
+
 - name: Set Certbot script variable.
 set_fact:
 certbot_script: "{{ certbot_dir }}/certbot-auto"
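Review bot: The new `dependencies` entry installs `awscli` through pip with no version constraint, and `role: geerlingguy.pip` is itself unpinned here and in molecule/default/requirements.yml, so each run pulls whatever is current on PyPI and Galaxy onto a host that will hold Route 53 credentials. None of the visible hunks invokes the `aws` command, and the distro plugin package added under tasks/ should bring the AWS library it needs, so the dependency looks removable. If something does need it, pin it with `- name: awscli` followed by `version: "<pinned version>"` and add a comment naming the consumer. Separately, `author:` now names a different person while `company:` still reads "Midwestern Mac, LLC", which misstates provenance for anyone auditing where the role came from.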
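Review bot: The package name `python3-certbot-dns-route53` is hard-coded in the new "Install Certbot route53 plugin." task, here and in the identical task added to tasks/install-with-package.yml, while the CI matrix in this commit still lists centos7 and centos6, where a package of that exact name may not exist. In this file the concern is larger, because the following task points `certbot_script` at `{{ certbot_dir }}/certbot-auto`. A plugin installed by the OS package manager is unlikely to be visible to a source checkout that runs from its own environment, so `--dns-route53` would probably fail for source installs. I would move the name into a default, e.g. `certbot_route53_package` (a new variable, named only as a suggestion), so it can be overridden per distribution, and have the source-install path either install the plugin into the checkout's own environment or fail early with a clear message. The task list continues outside the hunk.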
diff --git a/tasks/install-with-package.yml b/tasks/install-with-package.yml
index 10490ff..6f712be 100644
--- a/tasks/install-with-package.yml
+++ b/tasks/install-with-package.yml
@@ -1,6 +1,14 @@
 ---
 - name: Install Certbot.
- package: "name={{ certbot_package }} state=present"
+ package:
+ name: "{{ certbot_package }}"
+ state: present
+
+- name: Install Certbot route53 plugin.
+ package:
+ name:
+ - python3-certbot-dns-route53
+ state: present
 - name: Set Certbot script variable.
 set_fact: