40 lines
954 B
YAML
40 lines
954 B
YAML
---
|
|
# main task for installing Let's Encrypt's certbot tool
|
|
# https://certbot.eff.org/#ubuntuxenial-other
|
|
|
|
- name: install certbot on ubuntu 16.04
|
|
apt:
|
|
state: latest
|
|
package: "{{ item }}"
|
|
update_cache: yes
|
|
cache_valid_time: 3600
|
|
with_items:
|
|
- "letsencrypt"
|
|
when: ansible_os_family == "Debian"
|
|
|
|
|
|
- name: create first certificates
|
|
command: "letsencrypt certonly --webroot -w /var/www/xai-corp.net -d {{ item }}"
|
|
args:
|
|
creates: /etc/letsencrypt/live/{{ item }}/cert.pem
|
|
with_items:
|
|
- xai-corp.net
|
|
- www.xai-corp.net
|
|
- dkregistry.xai-corp.net
|
|
- sql.xai-corp.net
|
|
- fs.xai-corp.net
|
|
- dkhost.xai-corp.net
|
|
- git.xai-corp.net
|
|
- dkui.xai-corp.net
|
|
- jenkins.xai-corp.net
|
|
- logs.xai-corp.net
|
|
- tripbuilder.xai-corp.net
|
|
|
|
- name: cron job for renewing certs
|
|
cron:
|
|
name: renew let's encrypt certificates
|
|
state: present
|
|
user: root
|
|
day: "*/2"
|
|
job: "letsencrypt renew "
|