roles/letsencrypt/tasks/digitalocean.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

- name: Configure Certbot DigitalOcean plugin
  become: true
  block:
    - name: Prompt for token
      ansible.builtin.pause:
        prompt: |
          Enter your API token:
        echo: false
      register: digitalocean_token
      when:
        - lookup('env', 'DIGITALOCEAN_TOKEN') | length <= 0

    - name: Set token as fact
      ansible.builtin.set_fact:
        digitalocean_token: "{{ digitalocean_token.user_input | default(lookup('env', 'DIGITALOCEAN_TOKEN')) }}"

    - name: Fail if token is invalid
      ansible.builtin.fail:
        msg: 'DigitalOcean token is invalid'
      when: digitalocean_token | length == 0

    - name: Configure certbot.ini
      ansible.builtin.template:
        src: certbot.ini.j2
        dest: '{{ letsencrypt_credentials_ini }}'
        owner: root
        group: root
        mode: '600'