45 lines
1.6 KiB
YAML
45 lines
1.6 KiB
YAML
- name: Create directory hierarchyes for certs
|
|
ansible.builtin.file:
|
|
mode: "755"
|
|
path: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc"
|
|
state: directory
|
|
loop: "{{ acme_sh_domains }}"
|
|
|
|
- name: Copy pre_hooks
|
|
ansible.builtin.copy:
|
|
content: "{{ item['pre_hook'] | default('') }}"
|
|
dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/pre_hook.sh"
|
|
mode: "750"
|
|
loop: "{{ acme_sh_domains }}"
|
|
|
|
- name: Copy post_hooks
|
|
ansible.builtin.copy:
|
|
content: "{{ item['post_hook'] | default('')}}"
|
|
dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/post_hook.sh"
|
|
mode: "750"
|
|
loop: "{{ acme_sh_domains }}"
|
|
|
|
- name: Copy update_hooks
|
|
ansible.builtin.copy:
|
|
content: "{{ item['renew_hook'] | default('')}}"
|
|
dest: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/renew_hook.sh"
|
|
mode: "750"
|
|
loop: "{{ acme_sh_domains }}"
|
|
|
|
|
|
- name: Issue certs
|
|
ansible.builtin.command:
|
|
chdir: "{{ acme_sh_home }}"
|
|
cmd: |
|
|
/bin/sh acme.sh
|
|
--config-home {{ acme_sh_config_home | quote }}
|
|
--issue
|
|
--dns {{ item['dns_provider'] | default('dns_cf') }}
|
|
-d {{ item['domains'] | join(' -d ') }}
|
|
--pre-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/pre_hook.sh
|
|
--post-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/post_hook.sh
|
|
--renew-hook {{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/update_hook.sh
|
|
creates: "{{ acme_sh_cert_home }}/{{ item['domains'][0] }}_ecc/fullchain.cer"
|
|
environment: "{{ item['acme_sh_issue_env_vars'] }}"
|
|
loop: "{{ acme_sh_domains }}"
|
|
|