13 lines
636 B
YAML
13 lines
636 B
YAML
---
|
|
# This role sets up a Let's Encrypt certificate for the
|
|
# Mastodon instance
|
|
|
|
- name: Make TLS certificate storage directory
|
|
file: name=/etc/ssl/letsencrypt/ state=directory
|
|
- name: Install acme.sh
|
|
shell: wget -O - https://get.acme.sh | sh
|
|
- name: Generate certificate using acme.sh
|
|
shell: /root/.acme.sh/acme.sh --issue --nginx -d {{ LOCAL_DOMAIN }}
|
|
- name: Install certificate in storage directory
|
|
shell: /root/.acme.sh/acme.sh --install-cert -d {{ LOCAL_DOMAIN }} --key-file /etc/ssl/letsencrypt/{{ LOCAL_DOMAIN }}.pem --fullchain-file /etc/ssl/letsencrypt/{{ LOCAL_DOMAIN }}.crt --reloadcmd "service nginx force-reload"
|