IaC/ansible/roles/certbot/tasks/main.yaml

- name: Install certbot package (Archlinux)
  when: ansible_facts['os_family'] == "Archlinux"
  community.general.pacman:
    name:
      - certbot
      - certbot-dns-{{ certbot_dns_plugin }}
    state: present
    update_cache: true

- name: Install certbot webserver plugin (Archlinux)
  when:
    - ansible_facts['os_family'] == "Archlinux"
    - certbot_webserver_type == 'nginx'
  community.general.pacman:
    name:
      - certbot-nginx
    state: present
    update_cache: true

- name: Template out the rfc2136 credentials file
  when: certbot_dns_plugin == 'rfc2136'
  ansible.builtin.template:
    src: "{{ certbot_dns_plugin }}.conf.j2"
    dest: "/etc/letsencrypt/{{ certbot_dns_plugin }}.conf"
    owner: root
    group: root
    mode: '0600'

- name: Template out the certbot default config
  ansible.builtin.template:
    src: cli.ini.j2
    dest: /etc/letsencrypt/cli.ini
    owner: root
    group: root
    mode: '0644'

- name: Request and install certificates
  ansible.builtin.command:
    argv:
      - certbot
      - certonly
      - -n
      - --dns-{{ certbot_dns_plugin }}
      - --dns-{{ certbot_dns_plugin }}-credentials
      - /etc/letsencrypt/{{ certbot_dns_plugin }}.conf
      - --dns-rfc2136-propagation-seconds
      - "{{ certbot_rfc2136_propagation_seconds | default(5) }}"
      - -d
      - "{{ item }}"
    creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem
  loop: "{{ certbot_domains }}"
  notify: "{{ certbot_notify | default(omit) }}"

- name: Enable certbot renewal
  ansible.builtin.service:
    name: certbot-renew.timer
    state: started
    enabled: true
start to add kodi ansible 2024-04-20 06:24:20 -04:00			`- name: Install certbot package (Archlinux)`
			`when: ansible_facts['os_family'] == "Archlinux"`
			`community.general.pacman:`
			`name:`
			`- certbot`
kodi media services basic setup 2024-04-20 09:04:17 -04:00			`- certbot-dns-{{ certbot_dns_plugin }}`
start to add kodi ansible 2024-04-20 06:24:20 -04:00			`state: present`
			`update_cache: true`

kodi media services basic setup 2024-04-20 09:04:17 -04:00			`- name: Install certbot webserver plugin (Archlinux)`
			`when:`
			`- ansible_facts['os_family'] == "Archlinux"`
			`- certbot_webserver_type == 'nginx'`
			`community.general.pacman:`
			`name:`
			`- certbot-nginx`
			`state: present`
			`update_cache: true`

certbot and nginx working 2024-04-21 09:37:46 -04:00			`- name: Template out the rfc2136 credentials file`
kodi media services basic setup 2024-04-20 09:04:17 -04:00			`when: certbot_dns_plugin == 'rfc2136'`
			`ansible.builtin.template:`
			`src: "{{ certbot_dns_plugin }}.conf.j2"`
			`dest: "/etc/letsencrypt/{{ certbot_dns_plugin }}.conf"`
			`owner: root`
			`group: root`
			`mode: '0600'`

certbot and nginx working 2024-04-21 09:37:46 -04:00			`- name: Template out the certbot default config`
			`ansible.builtin.template:`
			`src: cli.ini.j2`
			`dest: /etc/letsencrypt/cli.ini`
			`owner: root`
			`group: root`
			`mode: '0644'`
kodi media services basic setup 2024-04-20 09:04:17 -04:00
			`- name: Request and install certificates`
			`ansible.builtin.command:`
			`argv:`
certbot and nginx working 2024-04-21 09:37:46 -04:00			`- certbot`
			`- certonly`
			`- -n`
			`- --dns-{{ certbot_dns_plugin }}`
			`- --dns-{{ certbot_dns_plugin }}-credentials`
			`- /etc/letsencrypt/{{ certbot_dns_plugin }}.conf`
			`- --dns-rfc2136-propagation-seconds`
			`- "{{ certbot_rfc2136_propagation_seconds \| default(5) }}"`
			`- -d`
			`- "{{ item }}"`
kodi media services basic setup 2024-04-20 09:04:17 -04:00			`creates: /etc/letsencrypt/live/{{ item }}/fullchain.pem`
			`loop: "{{ certbot_domains }}"`
add nuc playbook 2024-05-16 05:35:45 -04:00			`notify: "{{ certbot_notify \| default(omit) }}"`
kodi media services basic setup 2024-04-20 09:04:17 -04:00
			`- name: Enable certbot renewal`
			`ansible.builtin.service:`
			`name: certbot-renew.timer`
			`state: started`
			`enabled: true`