aboutsummaryrefslogblamecommitdiffstatshomepage
path: root/roles/letsencrypt/tasks/domain.yml
blob: 13717ef194497821805ffd2da4991ae3e3a2755e (plain) (tree)
1
2
3
4
5
6




                                                       









                                                                                           





                                                    
                                                           


                                                            
                           
- name: Set certificate name
  ansible.builtin.set_fact:
    certificate_name: '{{ item.name | default(item) }}'

- name: Set certificate domains
  ansible.builtin.set_fact:
    certificate_domains: "{{ item.domains | default([certificate_name]) | sort | unique }}"

- name: Cache domain list
  become: true
  ansible.builtin.template:
    src: domain_list.txt
    dest: '/etc/letsencrypt/.domains_{{ certificate_name }}.txt'
    owner: root
    group: root
    mode: '640'
  register: domain_list

- name: 'Create certificate: {{ certificate_name }}'
  become: true
  ansible.builtin.command: |
    certbot certonly --noninteractive --agree-tos \
        --cert-name '{{ certificate_name }}' \
        --email '{{ certbot_email }}' \
        --domains '{{ certificate_domains | join(',') }}' \
        --preferred-challenges dns \
        --dns-digitalocean \
        --dns-digitalocean-credentials '{{ certbot_ini }}' \
        --dns-digitalocean-propagation-seconds 30
  when: domain_list.changed