mirror of
https://github.com/geerlingguy/ansible-role-certbot.git
synced 2025-04-19 17:01:37 +02:00
35 lines
1003 B
YAML
35 lines
1003 B
YAML
---
|
|
- name: Check if certificate already exists.
|
|
stat:
|
|
path: /etc/letsencrypt/live/{{ cert_item.domains | first | replace('*.', '') }}/cert.pem
|
|
register: letsencrypt_cert
|
|
|
|
- name: Populate service facts
|
|
service_facts:
|
|
|
|
- name: firewall enable port 80
|
|
firewalld:
|
|
port: 80/tcp
|
|
permanent: false
|
|
state: enabled
|
|
ignore_errors: yes
|
|
when: not letsencrypt_cert.stat.exists
|
|
|
|
- name: Stop services to allow certbot to generate a cert.
|
|
service:
|
|
name: "{{ item }}"
|
|
state: stopped
|
|
when: not letsencrypt_cert.stat.exists and item in services
|
|
with_items: "{{ certbot_create_standalone_stop_services }}"
|
|
|
|
- name: Generate new certificate if one doesn't exist.
|
|
command: "{{ certbot_create_command }}"
|
|
when: not letsencrypt_cert.stat.exists
|
|
|
|
- name: Start services after cert has been generated.
|
|
service:
|
|
name: "{{ item }}"
|
|
state: started
|
|
when: not letsencrypt_cert.stat.exists and item in services
|
|
with_items: "{{ certbot_create_standalone_stop_services }}"
|
