SSE-Lab/ansible/playbooks/roles/certbot/tasks/certbot_with_dockered_nginx...

---
# Bring the nginx container down before certbot runs.
# NOTE(review): presumably this frees the HTTP port for certbot's challenge
# listener; confirm against the certbot role's configuration.
- name: Stop NGINX
  docker_container:
    state: stopped
    name: nginx
# Certificate management is delegated to the external geerlingguy.certbot
# role. The certbot_certs variable is reused by the copy tasks in this file.
# Pin the role version in requirements.yml so a changed upstream release is
# not pulled in silently.
- name: Instal and configure certbot
  ansible.builtin.include_role:
    name: geerlingguy.certbot
# Publish the certificate chain of every certbot_certs entry into the
# directory that the nginx container mounts.
- name: Copy fullchain files to nginx volume
  ansible.builtin.copy:
    # The source is read on the managed host, not on the controller.
    remote_src: true
    src: "/etc/letsencrypt/live/{{ item.name }}/fullchain.pem"
    # TODO: nginx configuration is not multi domain. dest is identical for
    # every loop item, so with several certificates the last one copied wins.
    dest: "{{ docker_base_volume_path }}/nginx/ssl/fullchain.pem"
    # The chain holds only public certificates, so world-readable is fine.
    mode: '0644'
  loop: "{{ certbot_certs }}"
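# Copy the TLS private key of every certbot_certs entry into the directory
# that the nginx container mounts.
- name: Copy privkey files to nginx volume
  ansible.builtin.copy:
    # The source is read on the managed host, not on the controller.
    remote_src: true
    src: "/etc/letsencrypt/live/{{ item.name }}/privkey.pem"
    # TODO: nginx configuration is not multi domain. dest is identical for
    # every loop item, so with several certificates the last one copied wins.
    dest: "{{ docker_base_volume_path }}/nginx/ssl/privatekey.pem"
    # Private key material must not be world-readable. The previous '0644'
    # let any local account on the host read the key from the volume path.
    # NOTE(review): if the container reads the key as a non-root UID, set
    # owner/group to that UID instead of widening the mode.
    mode: '0600'
  loop: "{{ certbot_certs }}"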
# Render docker_nginx_pre.j2 and docker_nginx_post.j2 into certbot's
# renewal-hooks/pre and renewal-hooks/post directories.
# NOTE(review): the templates are not visible here; presumably they stop and
# start the nginx container around a renewal. These scripts run with
# certbot's privileges, so keep them writable by their owner only.
- name: Setting up Docker NGINX renewal hooks
  ansible.builtin.template:
    src: "docker_nginx_{{ item }}.j2"
    dest: "/etc/letsencrypt/renewal-hooks/{{ item }}/docker_nginx_{{ item }}.sh"
    # Owner may read/write/execute; group and others may only read.
    mode: '0744'
  loop:
    - pre
    - post
# Delete the stop_services/start_services renewal hooks so that only the
# Docker-specific hooks remain.
# NOTE(review): presumably these files are created by the geerlingguy.certbot
# role and would act on a host-level service; confirm in the role.
- name: Removing systemctl hooks
  ansible.builtin.file:
    state: absent
    path: "{{ item }}"
  loop:
    - "/etc/letsencrypt/renewal-hooks/pre/stop_services"
    - "/etc/letsencrypt/renewal-hooks/post/start_services"
# Start NGINX
- name: Start NGINX
docker_container:
name: nginx