nut and acme working

ansible/roles/nut_server/handlers/main.yaml

@@ -0,0 +1,11 @@
+- name: Restart nut-driver-enumerator
+  when: not nut_driver_enumerator_started.changed
+  ansible.builtin.service:
+    name: nut-driver-enumerator.service
+    state: restarted
+
+- name: Restart nut-server
+  when: not nut_server_started.changed
+  ansible.builtin.service:
+    name: nut-server.service
+    state: restarted

ansible/roles/nut_server/tasks/main.yaml

@@ -1,43 +1,72 @@
 - name: Template out ups.conf
   ansible.builtin.template:
-    src: ups.conf.j2
     dest: /etc/nut/ups.conf
-    owner: root
     group: root
     mode: '0644'
-
-- name: Start and enable nut-enumerator
-  ansible.builtin.service:
-    name: nut-driver-enumerator
-    state: restarted
-    enabled: true
+    owner: root
+    src: ups.conf.j2
+    trim_blocks: true
+  notify:
+    - Restart nut-driver-enumerator
 
 - name: Template out upsd.conf
   ansible.builtin.template:
-    src: upsd.conf.j2
     dest: /etc/nut/upsd.conf
-    owner: root
     group: nut
     mode: '0640'
+    owner: root
+    src: upsd.conf.j2
+    trim_blocks: true
+  notify:
+    - Restart nut-server
 
 - name: Template out upsd.users
   ansible.builtin.template:
-    src: upsd.users.j2
     dest: /etc/nut/upsd.users
-    owner: root
     group: nut
     mode: '0640'
+    owner: root
+    src: upsd.users.j2
+    trim_blocks: true
+  notify:
+    - Restart nut-server
 
-- name: Open nut server firewall port
+- name: Open nut server firewall port (UFW)
   community.general.ufw:
     rule: allow
-    to_ip: "{{ nut_server_listen_address }}"
-    to_port: "{{ nut_server_listen_port }}}}"
+    to_ip: "{{ nut_server_listen_address | string }}"
+    to_port: "{{ nut_server_listen_port | string }}"
     proto: tcp
     comment: "NUT server"
 
+- name: Chown nut server cert to nut user
+  ansible.builtin.file:
+    group: nut
+    mode: '0600'
+    owner: nut
+    path: "{{ nut_server_certificate_file }}"
+  notify:
+    - Restart nut-server
+
+- name: Start and enable nut-driver-enumerator
+  ansible.builtin.service:
+    name: nut-driver-enumerator.service
+    state: started
+    enabled: true
+  register: nut_driver_enumerator_started
+
 - name: Start and enable nut-server
   ansible.builtin.service:
-    name: nut-server
-    state: restarted
+    name: nut-server.service
+    state: started
     enabled: true
+  register: nut_server_started
+
+- name: Start and enable nut targets
+  ansible.builtin.service:
+    name: "{{ item }}"
+    state: started
+    enabled: true
+  loop:
+    - nut-driver.target
+    - nut.target

ansible/roles/nut_server/templates/ups.conf.j2

@@ -1,5 +1,12 @@
-{% for ups in ups_devices %}
-[ups{{ loop.index }}]
+# File configured via Ansible playbook
+# Reference documentation:
+# https://networkupstools.org/docs/man/ups.conf.html
+
+maxretry = 5
+
+{% for ups in nut_server_ups_devices %}
+[{{ ups.name }}]
     driver = {{ ups.driver }}
     port = {{ ups.port }}
-{% endfor %}
+{% endfor %}
+

ansible/roles/nut_server/templates/upsd.conf.j2

@@ -0,0 +1,18 @@
+# File configured via Ansible playbook
+# Reference documentation:
+# https://networkupstools.org/docs/man/upsd.conf.html
+
+# MAXAGE 15
+# TRACKINGDELAY 3600
+# ALLOW_NO_DEVICE false
+# STATEPATH /var/run/nut
+LISTEN {{ nut_server_listen_address }} {{ nut_server_listen_port }}
+LISTEN localhost {{ nut_server_listen_port }}
+# MAXCONN 1024
+CERTFILE {{ nut_server_certificate_file }}
+# CERTPATH /usr/local/ups/etc/cert/upsd
+# CERTIDENT "my nut server" "MyPasSw0rD"
+# CERTREQUEST REQUIRE
+DISABLE_WEAK_SSL true
+# DEBUG_MIN 2
+

ansible/roles/nut_server/templates/upsd.users.j2

@@ -1,11 +1,17 @@
+# File configured via Ansible playbook
+# Reference documentation:
+# https://networkupstools.org/docs/man/upsd.users.html
+
+[{{ nut_client_admin_username }}]
+     password = {{ nut_client_admin_password }}
+     actions = set
+     actions = fsd
+     instcmds = all
+
 [{{ nut_client_primary_username }}]
      password = {{ nut_client_primary_password }}
      upsmon primary
-     actions = SET
-     instcmds = ALL
 
 [{{ nut_client_secondary_username }}]
      password = {{ nut_client_secondary_password }}
-     upsmon secondary
-     actions = SET
-     instcmds = ALL     
+     upsmon secondary