ansible-playbooks/ubuntu/roles/letsencrypt/tasks/main.yml

32 lines
891 B
YAML

---
- name: Install LetsEncrypt client
apt: name=letsencrypt state=latest
- name: stop nginx if it already is up and running
service: name=nginx state=stopped
register: result
ignore_errors: True
- name: Generate LetsEncrypt TLS certificates
shell: letsencrypt certonly -n -m "letsencrypt@sadiqsaif.ca" --agree-tos --webroot -d {{ item }} -w /srv/www/{{ item }}/
with_items:
- asininetech.com
- entropynet.net
- i.asininetech.com
- sadiqsaif.ca
- staticsafe.ca
- twoshadesofbrown.com
- wiki.staticsafe.ca
- sadiqsaif.com
- netdata.asininetech.net
- name: start nginx if we stopped it before
service: name=nginx state=started
when: result|succeeded
- name: Add a cron job to automatically renew LetsEncrypt certificates
copy: src=letsencrypt-renew dest=/etc/cron.daily/letsencrypt-renew mode=0700
notify:
- restart cron