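---
# Obtain Let's Encrypt certificates with certbot's standalone authenticator.
# The tasks stop Nginx for the duration of the certbot run and start it again
# afterwards. They are wrapped in block/always so that a failed certbot run
# does not leave the web server stopped.

- name: Issue Certbot certificates while Nginx is stopped
  block:
    - name: Stop Nginx before Certbot (if it is running)
      ansible.builtin.service:
        name: nginx
        state: stopped
      # NOTE(review): ignore_errors hides every failure of this task, not
      # only "service is not installed". If Nginx is still running, the
      # certbot task below is where the problem will surface.
      ignore_errors: true

    - name: Generate Certbot certificates
      # argv passes each templated value to certbot as exactly one argument,
      # so a value containing whitespace cannot be split into extra options.
      ansible.builtin.command:
        argv:
          - certbot
          - certonly
          - "--standalone"
          - "--non-interactive"
          - "--agree-tos"
          - "--email"
          - "{{ certbot_email | default('admin@' + mydomain) }}"
          - "-d"
          - "{{ cert_domain }}"
        # Skip the run when a certificate for this name already exists.
        # Single quotes are used inside the Jinja expressions: nested double
        # quotes would terminate the surrounding YAML string.
        creates: "/etc/letsencrypt/live/{{ cert_domain }}/fullchain.pem"
      vars:
        # One definition of the certificate name, shared by -d and creates.
        # The 'internal' branch is kept from the original expression; the
        # `when` below currently skips internal entries, so only the first
        # branch is used.
        cert_domain: >-
          {{ item.key + '.' + mydomain
          if not item.value.internal
          else item.key + '.internal.' + mydomain }}
      loop: "{{ servernames | dict2items }}"
      when: not item.value.internal

  always:
    # Runs whether or not the block above failed.
    - name: Start Nginx after Certbot
      ansible.builtin.service:
        name: nginx
        state: started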