mirror of
https://github.com/geerlingguy/ansible-role-certbot.git
synced 2025-06-15 07:01:27 +02:00
Compare commits
7 Commits
a056da763e
...
cfd9655ed0
| Author | SHA1 | Date | |
|---|---|---|---|
|
cfd9655ed0 | ||
|
|
47203f3b92 | ||
|
|
a3b34ef499 | ||
|
199f940604 | ||
|
1b04270982 | ||
|
2deba31679 | ||
|
|
d30ddd946a |
@ -5,6 +5,9 @@ rules:
|
||||
line-length:
|
||||
max: 180
|
||||
level: warning
|
||||
indentation:
|
||||
spaces: 2
|
||||
indent-sequences: consistent
|
||||
|
||||
ignore: |
|
||||
.github/stale.yml
|
||||
|
||||
@ -20,7 +20,7 @@ Controls how Certbot is installed. Available options are 'package', 'snap', and
|
||||
certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
|
||||
certbot_auto_renew_hour: "3"
|
||||
certbot_auto_renew_minute: "30"
|
||||
certbot_auto_renew_options: "--quiet --no-self-upgrade"
|
||||
certbot_auto_renew_options: "--quiet"
|
||||
|
||||
By default, this role configures a cron job to run under the provided user account at the given hour and minute, every day. The defaults run `certbot renew` (or `certbot-auto renew`) via cron every day at 03:30:00 by the user you use in your Ansible playbook. It's preferred that you set a custom user/hour/minute so the renewal is during a low-traffic period and done by a non-root user account.
|
||||
|
||||
|
||||
@ -4,7 +4,7 @@ certbot_auto_renew: true
|
||||
certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
|
||||
certbot_auto_renew_hour: "3"
|
||||
certbot_auto_renew_minute: "30"
|
||||
certbot_auto_renew_options: "--quiet --no-self-upgrade"
|
||||
certbot_auto_renew_options: "--quiet"
|
||||
|
||||
certbot_testmode: false
|
||||
certbot_hsts: false
|
||||
@ -37,10 +37,10 @@ certbot_create_command: >-
|
||||
{{ cert_item.webroot | default(certbot_webroot) if certbot_create_method == 'webroot' else '' }}
|
||||
-d {{ cert_item.domains | join(',') }}
|
||||
{{ '--pre-hook /etc/letsencrypt/renewal-hooks/pre/stop_services'
|
||||
if certbot_create_standalone_stop_services
|
||||
if certbot_create_standalone_stop_services and certbot_create_method == 'standalone'
|
||||
else '' }}
|
||||
{{ '--post-hook /etc/letsencrypt/renewal-hooks/post/start_services'
|
||||
if certbot_create_standalone_stop_services
|
||||
if certbot_create_standalone_stop_services and certbot_create_method == 'standalone'
|
||||
else '' }}
|
||||
|
||||
certbot_create_standalone_stop_services:
|
||||
|
||||
@ -9,22 +9,22 @@
|
||||
|
||||
- block:
|
||||
|
||||
- name: Enable DNF module for CentOS 8.3+.
|
||||
shell: |
|
||||
dnf config-manager --set-enabled powertools
|
||||
register: dnf_module_enable
|
||||
changed_when: false
|
||||
- name: Enable DNF module for CentOS 8.3+.
|
||||
shell: |
|
||||
dnf config-manager --set-enabled powertools
|
||||
register: dnf_module_enable
|
||||
changed_when: false
|
||||
|
||||
when: ansible_facts['distribution_version'] is version('8.3', '>=')
|
||||
when: ansible_facts['distribution_version'] is version('8.3', '>=')
|
||||
|
||||
- name: Enable DNF module for CentOS 8.0–8.2.
|
||||
shell: |
|
||||
dnf config-manager --set-enabled PowerTools
|
||||
register: dnf_module_enable
|
||||
changed_when: false
|
||||
- name: Enable DNF module for CentOS 8.0–8.2.
|
||||
shell: |
|
||||
dnf config-manager --set-enabled PowerTools
|
||||
register: dnf_module_enable
|
||||
changed_when: false
|
||||
|
||||
when: ansible_facts['distribution_version'] is version('8.2', '<=')
|
||||
|
||||
when:
|
||||
- ansible_distribution == 'CentOS'
|
||||
- ansible_distribution_major_version | int >= 8
|
||||
- ansible_distribution == 'CentOS'
|
||||
- ansible_distribution_major_version | int >= 8
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user
