
2 commits

8 changed files with 59 additions and 0 deletions


@ -10,3 +10,9 @@ user_mgmt:
fritz:
state: present
groups: sudo
certbot_certs:
- [ "wiki.ccchb.de" ]
- [ "ccchb.de", "www.ccchb.de" ]
- [ "files.ccchb.de" ]


@ -0,0 +1,11 @@
---
certbot_admin_email: hostmaster@ccchb.de
certbot_package: letsencrypt
certbot_method: webroot
certbot_webroot: /var/www/html
certbot_certs: []
certbot_renew: true


@ -0,0 +1,22 @@
---
- name: Enable certbot timer.
systemd:
name: certbot.timer
enabled: yes
- name: Install certbot.
package:
name: "{{ certbot_package }}"
state: present
- name: Check for presence of certificates.
stat:
path: "/etc/letsencrypt/live/{{ item | first | replace(\"*.\", \"\") }}/cert.pem"
register: certs_presence
loop: "{{ certbot_certs }}"
- name: Obtain certificates.
include_tasks: 'obtain_{{ certbot_method }}.yml'
when: not item.stat.exists
loop: "{{ certs_presence.results }}"
...
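Review bot: The `Enable certbot timer.` task runs before `Install certbot.`, so on a host where the package is not yet installed the systemd module has no `certbot.timer` unit to enable and the play is likely to fail there; the install task should come first. The timer task also sets only `enabled: yes`, which leaves the timer inactive until the next boot, so a freshly provisioned host would not renew until then; adding `state: started` closes that gap. The `certbot_renew` default added elsewhere in this change is not consulted by any task in this file; `when: certbot_renew | bool` on the timer task would make it effective. Separately, the presence check looks only at the first name of each entry, so adding a name to an existing entry in `certbot_certs` will not trigger a new issuance.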


@ -0,0 +1,4 @@
---
- name: "Obtain certificate for {{ item.item | join(',') }}"
command: "certbot certonly --agree-tos -m {{ certbot_admin_email | quote }} -d {{ item.item | join(',') }} --standalone"
...
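Review bot: The `-d {{ item.item | join(',') }}` argument is interpolated into the command string without `| quote`, unlike the e-mail address next to it, so a `certbot_certs` value containing whitespace or quoting characters would be split into extra certbot arguments by the command module's parser; `-d {{ item.item | join(',') | quote }}` keeps the list a single argument. The command also lacks `--non-interactive`, so any prompt from certbot would block an unattended run instead of failing cleanly. `--standalone` binds port 80 itself, which presumably conflicts with the nginx instance this change ships a snippet for; that is worth confirming or documenting. The webroot variant of this task has the same unquoted `-d` and the same missing `--non-interactive`.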


@ -0,0 +1,4 @@
---
- name: "Obtain certificate for {{ item.item | join(',') }}"
command: "certbot certonly --agree-tos -m {{ certbot_admin_email | quote }} -d {{ item.item | join(',') }} --webroot -w {{ certbot_webroot | quote }}"
...


@ -0,0 +1,4 @@
location /.well-known/acme-challenge/ {
alias {{ certbot_webroot }}/.well-known/acme-challenge/;
allow all;
}
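Review bot: This is a plain prefix location, so any regex location in the including server block (a dotfile deny rule such as `location ~ /\.` is a common one) takes precedence and can block the ACME challenge; `location ^~ /.well-known/acme-challenge/ {` prevents that. Because the location path is the tail of the aliased path, `root {{ certbot_webroot }};` is the simpler equivalent of the `alias` line. Adding `default_type "text/plain";` and `try_files $uri =404;` would keep the directory limited to serving token files. No task in the role's task file shown on this page installs this snippet, so it presumably has to be included by the web server role; a comment saying so would help.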


@ -6,3 +6,4 @@
- import_playbook: bhyve.yml
- import_playbook: mail.yml
- import_playbook: restic.yml
- import_playbook: wiki.yml

7
wiki.yml Normal file

@ -0,0 +1,7 @@
---
- hosts:
- wiki
become: yes
roles:
- mediawiki
- certbot