IaC/ansible/roles/certbot/tasks/main.yaml

- name: Install certbot package (Archlinux)
  when: ansible_facts['os_family'] == "Archlinux"
  community.general.pacman:
    name:
      - certbot
      - certbot-dns-{{ certbot_dns_plugin }}
    state: present
    update_cache: true

- name: Install certbot webserver plugin (Archlinux)
  when:
    - ansible_facts['os_family'] == "Archlinux"
    - certbot_webserver_type == 'nginx'
  community.general.pacman:
    name:
      - certbot-nginx
    state: present
    update_cache: true

- name: Template out the dns config file
  when: certbot_dns_plugin == 'rfc2136'
  ansible.builtin.template:
    src: "{{ certbot_dns_plugin }}.conf.j2"
    dest: "/etc/letsencrypt/{{ certbot_dns_plugin }}.conf"
    owner: root
    group: root
    mode: '0600'

- name: Register certbot account
  ansible.builtin.command:
    argv:
      - "certbot register"
      - "--agree-tos"
      - "--email {{ certbot_email }}"
      - "--no-eff-email"
    creates: /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/{{ certbot_email }}

- name: Request and install certificates
  ansible.builtin.command:
    argv:
      - "certbot --nginx run -n"
      - "--dns-{{ certbot_dns_plugin }}"
      - "--dns-{{ certbot_dns_plugin }}-credentials /etc/letsencrypt/{{ certbot_dns_plugin }}.conf"
      - "-d {{ item }}"
    creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem
  loop: "{{ certbot_domains }}"

- name: Enable certbot renewal
  ansible.builtin.service:
    name: certbot-renew.timer
    state: started
    enabled: true
start to add kodi ansible 2024-04-20 06:24:20 -04:00			`- name: Install certbot package (Archlinux)`
			`when: ansible_facts['os_family'] == "Archlinux"`
			`community.general.pacman:`
			`name:`
			`- certbot`
kodi media services basic setup 2024-04-20 09:04:17 -04:00			`- certbot-dns-{{ certbot_dns_plugin }}`
start to add kodi ansible 2024-04-20 06:24:20 -04:00			`state: present`
			`update_cache: true`

kodi media services basic setup 2024-04-20 09:04:17 -04:00			`- name: Install certbot webserver plugin (Archlinux)`
			`when:`
			`- ansible_facts['os_family'] == "Archlinux"`
			`- certbot_webserver_type == 'nginx'`
			`community.general.pacman:`
			`name:`
			`- certbot-nginx`
			`state: present`
			`update_cache: true`

			`- name: Template out the dns config file`
			`when: certbot_dns_plugin == 'rfc2136'`
			`ansible.builtin.template:`
			`src: "{{ certbot_dns_plugin }}.conf.j2"`
			`dest: "/etc/letsencrypt/{{ certbot_dns_plugin }}.conf"`
			`owner: root`
			`group: root`
			`mode: '0600'`

			`- name: Register certbot account`
			`ansible.builtin.command:`
			`argv:`
			`- "certbot register"`
			`- "--agree-tos"`
			`- "--email {{ certbot_email }}"`
			`- "--no-eff-email"`
			`creates: /etc/letsencrypt/accounts/acme-v02.api.letsencrypt.org/directory/{{ certbot_email }}`

			`- name: Request and install certificates`
			`ansible.builtin.command:`
			`argv:`
			`- "certbot --nginx run -n"`
			`- "--dns-{{ certbot_dns_plugin }}"`
			`- "--dns-{{ certbot_dns_plugin }}-credentials /etc/letsencrypt/{{ certbot_dns_plugin }}.conf"`
			`- "-d {{ item }}"`
			`creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem`
			`loop: "{{ certbot_domains }}"`

			`- name: Enable certbot renewal`
			`ansible.builtin.service:`
			`name: certbot-renew.timer`
			`state: started`
			`enabled: true`