nikdoof/ansible-certbot
1
0
Fork 0
mirror of https://github.com/nikdoof/ansible-certbot.git synced 2025-12-23 22:59:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support any provided plugin via auto-installation

Browse Source
This commit is contained in:
Andrew Williams
2025-07-19 11:29:56 +01:00
parent 44174f00d9
commit e0b88c6dad
6 changed files with 186 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
tasks/cert.yaml
View File

@@ -3,11 +3,14 @@
ansible.builtin.stat:
path: "/etc/letsencrypt/live/{{ item.hostname }}/cert.pem"
register: cert_stat
check_mode: false
- name: Certbot - Get the SANs from the certificate file
community.crypto.x509_certificate_info:
path: "/etc/letsencrypt/live/{{ item.hostname }}/cert.pem"
register: cert_info
changed_when: false
check_mode: false
when: cert_stat.stat.exists
- name: Certbot - Calculate the SAN list
@@ -15,6 +18,6 @@
cert_sans: "{{ ['DNS:'] | product(item.sans | default([item.hostname])) | map('join') | list }}"
- name: Certbot - Request a certificate # noqa no-changed-when ignore-errors
ansible.builtin.command: "certbot certonly -n --expand --agree-tos {{ certbot_plugin_arguments[item.plugin | default('default')] }} -d '{{ item.hostname }}' {% for san in item.sans | default([]) %} -d '{{ san }}' {% endfor %} -m {{ certbot_certs_email }}" # noqa no-change-when
ansible.builtin.command: "certbot certonly -n --expand --agree-tos {{ certbot_plugin_arguments[item.plugin | default('default')] | default('') }} -d '{{ item.hostname }}' {% for san in item.sans | default([]) %} -d '{{ san }}' {% endfor %} -m {{ certbot_certs_email }}{% if item.extra_arguments is defined %} {{ item.extra_arguments }}{% endif %}" # noqa no-change-when
ignore_errors: true
when: not cert_stat.stat.exists or cert_sans | difference(cert_info.subject_alt_name) | list | length > 0