acertmgr: update to 0.8.1
This commit is contained in:
parent
9cbc88e4ec
commit
bb65fc04c9
@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
certmgr_mode: webserver
|
acertmgr_mode: webdir
|
||||||
|
|
||||||
confluence_domain: confluence.regensburg.freifunk.net
|
confluence_domain: confluence.regensburg.freifunk.net
|
||||||
confluence_dbname: confluence
|
confluence_dbname: confluence
|
||||||
|
3
roles/acertmgr/defaults/main.yml
Normal file
3
roles/acertmgr/defaults/main.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
acertmgr_version: 0.8.1
|
@ -4,12 +4,12 @@
|
|||||||
apt: name={{ item }}
|
apt: name={{ item }}
|
||||||
with_items:
|
with_items:
|
||||||
- git
|
- git
|
||||||
- python-dateutil
|
- python-cryptography
|
||||||
- python-openssl
|
- python-dnspython
|
||||||
- python-yaml
|
- python-yaml
|
||||||
|
|
||||||
- name: Install acertmgr
|
- name: Install acertmgr
|
||||||
git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version=017f55f57cb77628061b6a5f4236055c2e4d5f02
|
git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version={{ acertmgr_version }}
|
||||||
|
|
||||||
- name: Create config directories
|
- name: Create config directories
|
||||||
file: path={{ item }} state=directory mode=0755
|
file: path={{ item }} state=directory mode=0755
|
||||||
@ -20,21 +20,6 @@
|
|||||||
- name: Configure acertmgr
|
- name: Configure acertmgr
|
||||||
template: src=acme.conf.j2 dest=/etc/acme/acme.conf
|
template: src=acme.conf.j2 dest=/etc/acme/acme.conf
|
||||||
|
|
||||||
- name: Create private keys
|
|
||||||
command: openssl genrsa -out {{ item }} 4096 creates={{ item }}
|
|
||||||
with_items:
|
|
||||||
- /etc/acme/account.key
|
|
||||||
- /etc/acme/server.key
|
|
||||||
|
|
||||||
- name: Ensure private key permissoins
|
|
||||||
file: path={{ item }} owner=root mode=0400
|
|
||||||
with_items:
|
|
||||||
- /etc/acme/account.key
|
|
||||||
- /etc/acme/server.key
|
|
||||||
|
|
||||||
- name: Download Lets Encrypt CA certificate
|
|
||||||
get_url: url=https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem dest=/etc/acme/lets-encrypt-x3-cross-signed.pem
|
|
||||||
|
|
||||||
- name: Create challenge directory
|
- name: Create challenge directory
|
||||||
file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory
|
file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory
|
||||||
|
|
||||||
|
@ -1,9 +1,6 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
mode: {{ certmgr_mode }}
|
mode: {{ acertmgr_mode }}
|
||||||
webdir: /var/www/acme-challenge/
|
webdir: /var/www/acme-challenge/
|
||||||
ttl_days: 30
|
ttl_days: 30
|
||||||
authority: "https://acme-v01.api.letsencrypt.org"
|
authority: "https://acme-v01.api.letsencrypt.org"
|
||||||
|
|
||||||
defaults:
|
|
||||||
cafile: /etc/acme/lets-encrypt-x3-cross-signed.pem
|
|
||||||
|
Loading…
Reference in New Issue
Block a user