acertmgr: update to 0.8.1

This commit is contained in:
Markus 2019-03-07 15:52:56 +01:00
parent 9cbc88e4ec
commit bb65fc04c9
4 changed files with 8 additions and 23 deletions

View File

@ -1,6 +1,6 @@
--- ---
certmgr_mode: webserver acertmgr_mode: webdir
confluence_domain: confluence.regensburg.freifunk.net confluence_domain: confluence.regensburg.freifunk.net
confluence_dbname: confluence confluence_dbname: confluence

View File

@ -0,0 +1,3 @@
---
acertmgr_version: 0.8.1

View File

@ -4,12 +4,12 @@
apt: name={{ item }} apt: name={{ item }}
with_items: with_items:
- git - git
- python-dateutil - python-cryptography
- python-openssl - python-dnspython
- python-yaml - python-yaml
- name: Install acertmgr - name: Install acertmgr
git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version=017f55f57cb77628061b6a5f4236055c2e4d5f02 git: repo=https://github.com/moepman/acertmgr.git dest=/opt/acertmgr depth=1 version={{ acertmgr_version }}
- name: Create config directories - name: Create config directories
file: path={{ item }} state=directory mode=0755 file: path={{ item }} state=directory mode=0755
@ -20,21 +20,6 @@
- name: Configure acertmgr - name: Configure acertmgr
template: src=acme.conf.j2 dest=/etc/acme/acme.conf template: src=acme.conf.j2 dest=/etc/acme/acme.conf
- name: Create private keys
command: openssl genrsa -out {{ item }} 4096 creates={{ item }}
with_items:
- /etc/acme/account.key
- /etc/acme/server.key
- name: Ensure private key permissoins
file: path={{ item }} owner=root mode=0400
with_items:
- /etc/acme/account.key
- /etc/acme/server.key
- name: Download Lets Encrypt CA certificate
get_url: url=https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem dest=/etc/acme/lets-encrypt-x3-cross-signed.pem
- name: Create challenge directory - name: Create challenge directory
file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory file: path=/var/www/acme-challenge/ owner=root mode=0755 state=directory

View File

@ -1,9 +1,6 @@
--- ---
mode: {{ certmgr_mode }} mode: {{ acertmgr_mode }}
webdir: /var/www/acme-challenge/ webdir: /var/www/acme-challenge/
ttl_days: 30 ttl_days: 30
authority: "https://acme-v01.api.letsencrypt.org" authority: "https://acme-v01.api.letsencrypt.org"
defaults:
cafile: /etc/acme/lets-encrypt-x3-cross-signed.pem