ansible/roles/certbot/tasks/main.yaml

---
- name: gather os specific variables
  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
  vars:
    params:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - vars

- name: include os specific tasks
  ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"
  vars:
    params:
      files:
        - "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"
        - "{{ ansible_distribution }}.yaml"
        - "{{ ansible_os_family }}.yaml"
        - "default.yaml"
      paths:
        - tasks

- name: install certbot
  ansible.builtin.pip:
    name: "{{ certbot_package_name }}"
    state: "{{ certbot_package_state }}"

- name: install certbot plugins
  ansible.builtin.pip:
    name: "{{ certbot_plugins }}"
    state: latest

- name: create credential path
  ansible.builtin.file:
    path: "{{ certbot_credential_path }}"
    owner: root
    group: root
    mode: 0700
    state: directory

- name: request certificates
  ansible.builtin.include_tasks: "issue.yaml"
  loop: "{{ certbot_certificates }}"

- name: include linode tasks
  ansible.builtin.include_tasks: configure-linode.yaml

- name: configure renewal service
  ansible.builtin.template:
    src: certbot.service.j2
    dest: "/etc/systemd/system/certbot.service"
    owner: root
    group: root
    mode: 0644
  notify: systemd daemon-reload

- name: configure renewal timer
  ansible.builtin.template:
    src: certbot.timer.j2
    dest: "/etc/systemd/system/certbot.timer"
    owner: root
    group: root
    mode: 0644
  notify: systemd daemon-reload

- name: manage timer
  ansible.builtin.systemd:
    name: "{{ certbot_timer_name }}"
    enabled: "{{ certbot_timer_enabled }}"
    state: "{{ certbot_timer_state }}"
Add certbot role 2019-11-25 00:50:05 +00:00			`---`
			`- name: gather os specific variables`
Fix deprecated includes 2022-08-31 03:19:06 +00:00			`ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"`
Add certbot role 2019-11-25 00:50:05 +00:00			`vars:`
Fix deprecated includes 2022-08-31 03:19:06 +00:00			`params:`
Add certbot role 2019-11-25 00:50:05 +00:00			`files:`
			`- "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"`
			`- "{{ ansible_distribution }}.yaml"`
			`- "{{ ansible_os_family }}.yaml"`
			`- "default.yaml"`
			`paths:`
			`- vars`

			`- name: include os specific tasks`
Fix deprecated includes 2022-08-31 03:19:06 +00:00			`ansible.builtin.include_tasks: "{{ lookup('first_found', params) }}"`
Add certbot role 2019-11-25 00:50:05 +00:00			`vars:`
Fix deprecated includes 2022-08-31 03:19:06 +00:00			`params:`
Add certbot role 2019-11-25 00:50:05 +00:00			`files:`
			`- "{{ ansible_distribution }}-{{ ansible_distribution_version }}.yaml"`
			`- "{{ ansible_distribution }}.yaml"`
			`- "{{ ansible_os_family }}.yaml"`
			`- "default.yaml"`
			`paths:`
			`- tasks`

Refactor certbot role 2024-04-14 22:29:18 +00:00			`- name: install certbot`
			`ansible.builtin.pip:`
Add certbot role 2019-11-25 00:50:05 +00:00			`name: "{{ certbot_package_name }}"`
			`state: "{{ certbot_package_state }}"`

Refactor certbot role 2024-04-14 22:29:18 +00:00			`- name: install certbot plugins`
			`ansible.builtin.pip:`
			`name: "{{ certbot_plugins }}"`
			`state: latest`

			`- name: create credential path`
			`ansible.builtin.file:`
			`path: "{{ certbot_credential_path }}"`
Add certbot role 2019-11-25 00:50:05 +00:00			`owner: root`
			`group: root`
Refactor certbot role 2024-04-14 22:29:18 +00:00			`mode: 0700`
			`state: directory`
Add certbot role 2019-11-25 00:50:05 +00:00
			`- name: request certificates`
Fix deprecated includes 2022-08-31 03:19:06 +00:00			`ansible.builtin.include_tasks: "issue.yaml"`
Add certbot role 2019-11-25 00:50:05 +00:00			`loop: "{{ certbot_certificates }}"`
Added cerbot renewal jobs 2019-11-27 22:10:19 +00:00
Refactor certbot role 2024-04-14 22:29:18 +00:00			`- name: include linode tasks`
			`ansible.builtin.include_tasks: configure-linode.yaml`

			`- name: configure renewal service`
			`ansible.builtin.template:`
			`src: certbot.service.j2`
			`dest: "/etc/systemd/system/certbot.service"`
			`owner: root`
			`group: root`
			`mode: 0644`
			`notify: systemd daemon-reload`
Added cerbot renewal jobs 2019-11-27 22:10:19 +00:00
Refactor certbot role 2024-04-14 22:29:18 +00:00			`- name: configure renewal timer`
			`ansible.builtin.template:`
			`src: certbot.timer.j2`
			`dest: "/etc/systemd/system/certbot.timer"`
			`owner: root`
			`group: root`
			`mode: 0644`
			`notify: systemd daemon-reload`
Added cerbot renewal jobs 2019-11-27 22:10:19 +00:00
Refactor certbot role 2024-04-14 22:29:18 +00:00			`- name: manage timer`
			`ansible.builtin.systemd:`
			`name: "{{ certbot_timer_name }}"`
			`enabled: "{{ certbot_timer_enabled }}"`
			`state: "{{ certbot_timer_state }}"`