Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.

51 řádky
1.6KB

  1. ---
  2. - include_tasks: key.yml
  3. - include_tasks: csr.yml
  4. - name: letsencrypt account private key
  5. openssl_privatekey:
  6. path: "{{certificate_letsencrypt_account_key_file}}"
  7. type: RSA
  8. size: 4096
  9. - name: letsencrypt request
  10. acme_certificate:
  11. account_key_src: "{{certificate_letsencrypt_account_key_file}}"
  12. csr: "{{certificate_signing_request_file}}"
  13. dest: "{{certificate_file}}"
  14. chain_dest: "{{ certificate_chain_file }}"
  15. fullchain_dest: "{{ certificate_fullchain_file }}"
  16. challenge: http-01
  17. acme_directory: https://acme-v02.api.letsencrypt.org/directory
  18. acme_version: 2
  19. terms_agreed: yes
  20. register: _letsencrypt_request
  21. - block:
  22. - name: acme http directory
  23. file:
  24. path: /var/www/default/.well-known/acme-challenge
  25. state: directory
  26. - name: copy acme challenge resource
  27. copy:
  28. dest: /var/www/default/{{ item.resource }}
  29. content: "{{ item.resource_value }}"
  30. with_items: "{{ _letsencrypt_request | json_query('challenge_data.*.\"http-01\"') }}"
  31. - name: letsencrypt certificate
  32. acme_certificate:
  33. account_key_src: "{{certificate_letsencrypt_account_key_file}}"
  34. csr: "{{certificate_signing_request_file}}"
  35. dest: "{{certificate_file}}"
  36. chain_dest: "{{ certificate_chain_file }}"
  37. fullchain_dest: "{{ certificate_fullchain_file }}"
  38. challenge: http-01
  39. acme_directory: https://acme-v02.api.letsencrypt.org/directory
  40. acme_version: 2
  41. terms_agreed: yes
  42. data: "{{ _letsencrypt_request }}"
  43. register: _letsencrypt
  44. when: _letsencrypt_request.changed