30 lines
803 B
YAML
30 lines
803 B
YAML
---
|
|
- name: create ssl certificate for server
|
|
become: true
|
|
ansible.builtin.command: |
|
|
certbot certonly --webroot --webroot-path=/srv/http/letsencrypt \
|
|
-m {{ ssl_email }} --agree-tos \
|
|
-d {{ item }}
|
|
args:
|
|
creates: "/etc/letsencrypt/live/{{ item }}"
|
|
loop:
|
|
- "{{ base_server_name }}"
|
|
- "{{ bookstack_server_name }}"
|
|
- "{{ bitwarden_server_name }}"
|
|
- "{{ ci_server_name }}"
|
|
- "{{ cloud_server_name }}"
|
|
- "{{ cloud_skudak_server_name }}"
|
|
- "{{ fulfillr_server_name }}"
|
|
- "{{ parts_server_name }}"
|
|
- "{{ photos_server_name }}"
|
|
tags: ssl
|
|
|
|
- name: set group ownership for /etc/letsencrypt/
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /etc/letsencrypt
|
|
owner: "{{ podman_user }}"
|
|
group: "{{ podman_user }}"
|
|
recurse: true
|
|
tags: ssl
|