|
@@ -10,6 +10,18 @@ |
|
|
- include_tasks: key.yml |
|
|
- include_tasks: key.yml |
|
|
- include_tasks: csr.yml |
|
|
- include_tasks: csr.yml |
|
|
|
|
|
|
|
|
|
|
|
- name: check if the certificate will expire soon |
|
|
|
|
|
command: openssl x509 -checkend {{ 60*60*24*30 }} -noout -in {{certificate_file}} |
|
|
|
|
|
register: _certificate_checkend |
|
|
|
|
|
changed_when: _certificate_checkend.rc == 1 |
|
|
|
|
|
failed_when: _certificate_checkend.rc > 1 |
|
|
|
|
|
|
|
|
|
|
|
- name: delete certificate when certificate is about to expire |
|
|
|
|
|
file: |
|
|
|
|
|
path: "{{ certificate_file }}" |
|
|
|
|
|
state: absent |
|
|
|
|
|
when: _certificate_checkend.rc == 1 |
|
|
|
|
|
|
|
|
- name: letsencrypt request |
|
|
- name: letsencrypt request |
|
|
letsencrypt: |
|
|
letsencrypt: |
|
|
account_key: "{{certificate_letsencrypt_account_key_file}}" |
|
|
account_key: "{{certificate_letsencrypt_account_key_file}}" |
|
|