Add certmgr role.

roles/certmgr/tasks/main.yml

@@ -0,0 +1,41 @@
+---
+
+- name: Install dependencies
+  apt: name={{ item }} state=present
+  with_items:
+  - python-dateutil
+  - python-yaml
+  tags: certmgr
+
+- name: Install acertmgr
+  git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version=e54caefff08809c09084df4f7d3604cb4d1c0db8
+  tags: certmgr
+
+- name: Create config directories
+  file: path={{ item }} state=directory mode=0755
+  with_items:
+  - /etc/acme
+  - /etc/acme/domains.d
+  tags: certmgr
+
+- name: Configure acertmgr
+  template: src=acme.conf.j2 dest=/etc/acme/acme.conf
+  tags: certmgr
+
+- name: Create certificates
+  command: openssl genrsa -out {{ item }} 4096 creates={{ item }}
+  with_items:
+  - /etc/acme/account.key
+  - /etc/acme/server.key
+  tags: certmgr
+
+- name: Ensure certificate permissoins
+  file: path={{ item }} owner=root mode=0400
+  with_items:
+  - /etc/acme/account.key
+  - /etc/acme/server.key
+  tags: certmgr
+
+#- name: Enable acertmgr cronjob
+#  cron: name=certmgr special_time=daily job=/opt/acertmgr/acertmgr.py
+#  tags: certmgr

roles/certmgr/templates/acme.conf.j2

@@ -0,0 +1,7 @@
+---
+
+mode: standalone
+webdir: /var/www/acme-challenge/
+ttl_days: 30
+
+defaults:

site.yml

@@ -9,4 +9,5 @@
 - name: Setup test mail server
   hosts: mail.binary-kitchen.com
   roles:
+  - certmgr
   - mail