Warezjoe/ansible_uni_deploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
45b10ea8b49832fc5cbbd0b80b44bbadec72a1a5
ansible_uni_deploy/roles/nginx-proxy/tasks/generate_certs.yml
warezjoe fcddacd030 Delete if cert generation for internal domains
2026-03-03 13:37:06 +01:00

24 lines
817 B
YAML
Raw Blame History

---
- name: Stop Nginx before Certbot (if it is running)
ansible.builtin.service:
name: nginx
state: stopped
ignore_errors: true
- name: Generate Certbot certificates
ansible.builtin.command: >
certbot certonly --standalone
--non-interactive
--agree-tos
{{ '--dry-run' if bool_cert_dry_run | default(true) else '' }}
--email {{ certbot_email | default("admin@" + mydomain) }}
-d {{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}
loop: "{{ servernames | dict2items }}"
args:
creates: "/etc/letsencrypt/live/{{ (item.key ~ '.' ~ mydomain) if not item.value.internal else (item.key ~ '.internal.' ~ mydomain) }}/fullchain.pem"
- name: Start Nginx after Certbot
ansible.builtin.service:
name: nginx
state: started
Reference in New Issue View Git Blame Copy Permalink