Compare commits
No commits in common. "bd04d892f8e86807225e118bb8018678e0bb778e" and "134fd61d6b44564c1a352bd639211940a646f26e" have entirely different histories.
bd04d892f8
...
134fd61d6b
@ -1,21 +1,3 @@
|
|||||||
---
|
---
|
||||||
certbot_package_name: certbot
|
certbot_package_name: certbot
|
||||||
certbot_package_state: present
|
certbot_package_state: present
|
||||||
|
|
||||||
certbot_service_name: certbot.service
|
|
||||||
|
|
||||||
certbot_timer_name: certbot.timer
|
|
||||||
certbot_timer_state: started
|
|
||||||
certbot_timer_enabled: yes
|
|
||||||
|
|
||||||
certbot_cron_user: root
|
|
||||||
certbot_cron_file_path: /etc/cron.d/certbot
|
|
||||||
certbot_cron_env:
|
|
||||||
path: /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
|
||||||
shell: /bin/sh
|
|
||||||
certbot_cron_command: test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew
|
|
||||||
cerbot_cron_hour: "*/12"
|
|
||||||
cerbot_cron_minute: "0"
|
|
||||||
|
|
||||||
certbot_system_timer_on_calender: "*-*-* 00,12:00:00"
|
|
||||||
certbot_system_timer_randomized_delay_sec: 43200
|
|
||||||
|
|||||||
@ -1,6 +0,0 @@
|
|||||||
---
|
|
||||||
- name: systemd daemon-reload
|
|
||||||
systemd:
|
|
||||||
name: "{{ certbot_service_name }}"
|
|
||||||
daemon_reload: yes
|
|
||||||
state: restarted
|
|
||||||
@ -39,47 +39,3 @@
|
|||||||
- name: request certificates
|
- name: request certificates
|
||||||
include_tasks: "issue.yaml"
|
include_tasks: "issue.yaml"
|
||||||
loop: "{{ certbot_certificates }}"
|
loop: "{{ certbot_certificates }}"
|
||||||
|
|
||||||
- name: configure systemd timer
|
|
||||||
block:
|
|
||||||
- name: create systemd timer override directory
|
|
||||||
file:
|
|
||||||
path: "/etc/systemd/system/{{ certbot_timer_name }}.d"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0755
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: configure systemd timer options
|
|
||||||
template:
|
|
||||||
src: certbot.timer.j2
|
|
||||||
dest: "/etc/systemd/system/{{ certbot_timer_name }}.d/override.conf"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: systemd daemon-reload
|
|
||||||
- name: enable the timer
|
|
||||||
systemd:
|
|
||||||
name: "{{ certbot_timer_name }}"
|
|
||||||
state: "{{ certbot_timer_state }}"
|
|
||||||
enabled: "{{ certbot_timer_enabled }}"
|
|
||||||
when: ansible_service_mgr == "systemd"
|
|
||||||
|
|
||||||
- name: configure cron job
|
|
||||||
block:
|
|
||||||
- name: configure env
|
|
||||||
cron:
|
|
||||||
name: "{{ item.key | upper }}"
|
|
||||||
env: yes
|
|
||||||
job: "{{ item.value }}"
|
|
||||||
user: "{{ certbot_cron_user }}"
|
|
||||||
cron_file: "{{ certbot_cron_file_path }}"
|
|
||||||
loop: "{{ certbot_cron_env | dict2items }}"
|
|
||||||
- name: create job
|
|
||||||
cron:
|
|
||||||
name: certbot
|
|
||||||
user: "{{ certbot_cron_user }}"
|
|
||||||
hour: "{{ certbot_cron_hour }}"
|
|
||||||
minute: "{{ certbot_cron_minute }}"
|
|
||||||
cron_file: "{{ certbot_cron_file_path }}"
|
|
||||||
job: "{{ certbot_cron_command }}"
|
|
||||||
|
|||||||
@ -1,5 +0,0 @@
|
|||||||
# {{ ansible_managed }}
|
|
||||||
|
|
||||||
[Timer]
|
|
||||||
OnCalendar={{ certbot_system_timer_on_calender }}
|
|
||||||
RandomizedDelaySec={{ certbot_system_timer_randomized_delay_sec }}
|
|
||||||
@ -24,12 +24,4 @@ template(
|
|||||||
type="omfile"
|
type="omfile"
|
||||||
dynafile="FilePerDay"
|
dynafile="FilePerDay"
|
||||||
template="RSYSLOG_FileFormat"
|
template="RSYSLOG_FileFormat"
|
||||||
fileCreateMode="{{ rsyslog_file_create_mode }}"
|
|
||||||
dirCreateMode="{{ rsyslog_dir_create_mode }}"
|
|
||||||
createDirs="{{ rsyslog_create_dirs | ternary('on', 'off') }}"
|
|
||||||
fileOwner="{{ rsyslog_file_owner }}"
|
|
||||||
fileGroup="{{ rsyslog_file_group }}"
|
|
||||||
dirOwner="{{ rsyslog_file_owner }}"
|
|
||||||
dirGroup="{{ rsyslog_file_group }}"
|
|
||||||
umask="{{ rsyslog_umask }}"
|
|
||||||
)
|
)
|
||||||
|
|||||||
@ -27,18 +27,9 @@ $FileOwner {{ rsyslog_file_owner }}
|
|||||||
{% if rsyslog_file_group is defined %}
|
{% if rsyslog_file_group is defined %}
|
||||||
$FileGroup {{ rsyslog_file_group }}
|
$FileGroup {{ rsyslog_file_group }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if rsyslog_dir_owner is defined %}
|
|
||||||
$FileOwner {{ rsyslog_dir_owner }}
|
|
||||||
{% endif %}
|
|
||||||
{% if rsyslog_dir_group is defined %}
|
|
||||||
$FileGroup {{ rsyslog_dir_group }}
|
|
||||||
{% endif %}
|
|
||||||
{% if rsyslog_file_create_mode is defined %}
|
{% if rsyslog_file_create_mode is defined %}
|
||||||
$FileCreateMode {{ rsyslog_file_create_mode }}
|
$FileCreateMode {{ rsyslog_file_create_mode }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if rsyslog_create_dirs is defined %}
|
|
||||||
CreateDirs {{ rsyslog_create_dirs | ternary('on', 'off') }}
|
|
||||||
{% endif %}
|
|
||||||
{% if rsyslog_dir_create_mode is defined %}
|
{% if rsyslog_dir_create_mode is defined %}
|
||||||
$DirCreateMode {{ rsyslog_dir_create_mode }}
|
$DirCreateMode {{ rsyslog_dir_create_mode }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@ -1,11 +1,8 @@
|
|||||||
---
|
---
|
||||||
rsyslog_file_owner: syslog
|
rsyslog_file_owner: syslog
|
||||||
rsyslog_file_group: adm
|
rsyslog_file_group: adm
|
||||||
rsyslog_dir_owner: syslog
|
rsyslog_file_create_mode: "0644"
|
||||||
rsyslog_dir_group: adm
|
|
||||||
rsyslog_file_create_mode: "0640"
|
|
||||||
rsyslog_dir_create_mode: "0755"
|
rsyslog_dir_create_mode: "0755"
|
||||||
rsyslog_create_dirs: yes
|
|
||||||
rsyslog_umask: "0022"
|
rsyslog_umask: "0022"
|
||||||
rsyslog_priv_drop_to_user: syslog
|
rsyslog_priv_drop_to_user: syslog
|
||||||
rsyslog_priv_drop_to_group: syslog
|
rsyslog_priv_drop_to_group: syslog
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user