25 lines
796 B
YAML
25 lines
796 B
YAML
---
|
|
- name: Stop Nginx before Certbot (if it is running)
|
|
ansible.builtin.service:
|
|
name: nginx
|
|
state: stopped
|
|
ignore_errors: true
|
|
|
|
- name: Generate Certbot certificates
|
|
ansible.builtin.command: >
|
|
certbot certonly --standalone
|
|
--non-interactive
|
|
--agree-tos
|
|
--dry-run
|
|
--email {{ certbot_email | default("admin@" + mydomain) }}
|
|
-d {{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}
|
|
loop: "{{ servernames | dict2items }}"
|
|
when: not item.value.internal
|
|
args:
|
|
creates: "/etc/letsencrypt/live/{{ (item.key ~ '.' ~ mydomain) if not item.value.internal else (item.key ~ '.internal.' ~ mydomain) }}/fullchain.pem"
|
|
|
|
- name: Start Nginx after Certbot
|
|
ansible.builtin.service:
|
|
name: nginx
|
|
state: started
|