Last active
October 14, 2016 00:32
-
-
Save jellis/21e247b0d357534cc4648dc4271e4b85 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: download certbot file | |
get_url: url=https://dl.eff.org/certbot-auto dest=/usr/local/sbin/certbot-auto owner=root group=root mode=0744 validate_certs=no | |
- name: install OS dependencies | |
shell: certbot-auto --os-packages-only --non-interactive | |
- include: ssl.yml | |
with_items: "{{ nginx_vhosts }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nginx_vhosts: | |
- domain: my.cool.website.com | |
config: my.cool.website.conf | |
www_alias: false | |
install_ssl: true | |
certbot_server: https://acme-staging.api.letsencrypt.org/directory |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: stop nginx to get ssl for {{ item.domain }} | |
service: name=nginx state=stopped | |
ignore_errors: true | |
- name: generate ssl certificate if required (with www alias) | |
shell: certbot-auto certonly -d {{ item.domain }} -d www.{{ item.domain }} --standalone --register-unsafely-without-email --agree-tos --non-interactive --server {{ certbot_server }} | |
when: item.install_ssl is defined and item.install_ssl and item.www_alias is defined and item.www_alias | |
- name: generate ssl certificate if required | |
shell: certbot-auto certonly -d {{ item.domain }} --standalone --register-unsafely-without-email --agree-tos --non-interactive --server {{ certbot_server }} | |
when: item.install_ssl is defined and item.install_ssl and (item.www_alias is undefined or item.www_alias == false) | |
- name: start nginx if available | |
service: name=nginx state=started | |
ignore_errors: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment