mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2025-01-18 08:06:16 +01:00
32 lines
876 B
YAML
32 lines
876 B
YAML
---
|
|
|
|
- name: install certbot
|
|
pacman: name=certbot state=present
|
|
|
|
- name: install letsencrypt hook
|
|
copy: src=hook.sh dest=/etc/letsencrypt/hook.sh owner=root group=root mode=0755
|
|
|
|
- name: create letsencrypt hook dir
|
|
file: state=directory path=/etc/letsencrypt/hook.d owner=root group=root mode=0755
|
|
|
|
- name: install letsencrypt renewal service
|
|
copy: src={{ item }} dest=/etc/systemd/system/{{ item }} owner=root group=root mode=0644
|
|
with_items:
|
|
- certbot-renewal.service
|
|
- certbot-renewal.timer
|
|
|
|
- name: activate letsencrypt renewal service
|
|
systemd:
|
|
name: certbot-renewal.timer
|
|
enabled: yes
|
|
state: started
|
|
daemon_reload: yes
|
|
|
|
- name: open firewall holes for certbot standalone authenticator
|
|
firewalld: service={{ item }} permanent=true state=enabled immediate=yes
|
|
with_items:
|
|
- http
|
|
when: configure_firewall
|
|
tags:
|
|
- firewall
|