diff --git a/roles/acertmgr/defaults/main.yml b/roles/acertmgr/defaults/main.yml deleted file mode 100644 index 1edabbb..0000000 --- a/roles/acertmgr/defaults/main.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- - -acertmgr_version: 0.8.2 diff --git a/roles/acertmgr/tasks/main.yml b/roles/acertmgr/tasks/main.yml index 2316821..6d5ab11 100644 --- a/roles/acertmgr/tasks/main.yml +++ b/roles/acertmgr/tasks/main.yml @@ -3,25 +3,27 @@ - name: Install dependencies apt: name={{ item }} with_items: - - git - - python-cryptography - - python-dnspython - - python-yaml + - python3-cryptography + - python3-dnspython + - python3-yaml + - python3-pkg-resources + +- name: Find current acertmgr version + get_url: url="https://raw.githubusercontent.com/moepman/acertmgr/master/version.txt" dest=/tmp/acertmgr.version + vars: + ansible_connection: local - name: Install acertmgr - git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version={{ acertmgr_version }} + apt: deb="https://github.com/moepman/acertmgr/releases/download/{{ lookup('file', '/tmp/acertmgr.version') }}/python3-acertmgr_{{ lookup('file', '/tmp/acertmgr.version') }}-1_all.deb" - name: Create config directories - file: path={{ item }} state=directory mode=0755 - with_items: - - /etc/acme - - /etc/acme/domains.d + file: path=/etc/acertmgr state=directory mode=0755 - name: Configure acertmgr - template: src=acme.conf.j2 dest=/etc/acme/acme.conf + template: src=acertmgr.conf.j2 dest=/etc/acertmgr/acertmgr.conf - name: Create challenge directory file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory - name: Enable acertmgr cronjob - cron: name=certmgr special_time=daily job=/opt/acertmgr/acertmgr.py + cron: name=certmgr special_time=daily job=/usr/bin/acertmgr diff --git a/roles/acertmgr/templates/acme.conf.j2 b/roles/acertmgr/templates/acertmgr.conf.j2 similarity index 50% rename from roles/acertmgr/templates/acme.conf.j2 rename to roles/acertmgr/templates/acertmgr.conf.j2 index f478eb9..b9d0ef4 100644 --- a/roles/acertmgr/templates/acme.conf.j2 +++ b/roles/acertmgr/templates/acertmgr.conf.j2 @@ -2,5 +2,4 @@ mode: {{ acertmgr_mode }} webdir: /var/www/acme-challenge/ -ttl_days: 30 -authority: "https://acme-v01.api.letsencrypt.org" +authority_tos_agreement: true diff --git a/roles/web-gw/handlers/main.yml b/roles/web-gw/handlers/main.yml index 2c3a4e3..ff936dd 100644 --- a/roles/web-gw/handlers/main.yml +++ b/roles/web-gw/handlers/main.yml @@ -4,4 +4,4 @@ service: name=nginx state=restarted - name: Run acertmgr - command: /opt/acertmgr/acertmgr.py + command: /usr/bin/acertmgr diff --git a/roles/web-gw/tasks/main.yml b/roles/web-gw/tasks/main.yml index 41721cf..1eace25 100644 --- a/roles/web-gw/tasks/main.yml +++ b/roles/web-gw/tasks/main.yml @@ -8,7 +8,7 @@ file: path=/var/www/html state=directory mode=0755 - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ ansible_fqdn }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ ansible_fqdn }}.conf notify: Run acertmgr - name: Configure vhosts