mirror of
https://github.com/geerlingguy/ansible-role-certbot.git
synced 2025-04-19 17:01:37 +02:00
e0adf71570
This plugin supports issuing/renewing certificates without needing to stop/start Apache's daemon. This change also adds a variable to allow override default letsencrypt config directory (/etc/letsencrypt).
24 lines
755 B
YAML
24 lines
755 B
YAML
---
|
|
- name: Check if certificate already exists.
|
|
stat:
|
|
path: "{{ certbot_config_dir }}/live/{{ cert_item.domains | first | replace('*.', '') }}/cert.pem"
|
|
register: letsencrypt_cert
|
|
|
|
- name: Stop services to allow certbot to generate a cert.
|
|
service:
|
|
name: "{{ item }}"
|
|
state: stopped
|
|
when: not letsencrypt_cert.stat.exists
|
|
with_items: "{{ certbot_create_standalone_stop_services }}"
|
|
|
|
- name: Generate new certificate if one doesn't exist.
|
|
command: "{{ certbot_create_command }}"
|
|
when: not letsencrypt_cert.stat.exists
|
|
|
|
- name: Start services after cert has been generated.
|
|
service:
|
|
name: "{{ item }}"
|
|
state: started
|
|
when: not letsencrypt_cert.stat.exists
|
|
with_items: "{{ certbot_create_standalone_stop_services }}"
|
