dev-tools/ansible/roles/letsencrypt/tasks/main.yml - airavata - Git at Google

 #
 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 #

 ---

 - include: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml
   when: ansible_os_family == "RedHat"

 - name: add Certbot PPA repository
   apt_repository:
     repo: "ppa:certbot/certbot"
   become: yes
   when: ansible_os_family == "Debian"

 - name: Install Certbot and dependencies (Debian)
   apt: name={{ item }} state=latest update_cache=yes
   with_items:
     - certbot
     - python-certbot-apache
   become: yes
   when: ansible_os_family == "Debian"

 # Note: on Ubuntu crontab is automatically created to run cert renewal. Only
 # CentOS requires enabling the certbot-renew timer.

 - name: enable certbot (letsencrypt) renewal
   systemd:
     enabled: true
     name: certbot-renew
     daemon_reload: true
   become: true
   become_user: root
   when: ansible_os_family == "RedHat"

 - name: enable certbot (letsencrypt) renewal timer
   systemd:
     state: started
     enabled: true
     name: certbot-renew.timer
     daemon_reload: true
   become: true
   become_user: root
   when: ansible_os_family == "RedHat"
	#
	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#

	---

	- include: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml
	when: ansible_os_family == "RedHat"

	- name: add Certbot PPA repository
	apt_repository:
	repo: "ppa:certbot/certbot"
	become: yes
	when: ansible_os_family == "Debian"

	- name: Install Certbot and dependencies (Debian)
	apt: name={{ item }} state=latest update_cache=yes
	with_items:
	- certbot
	- python-certbot-apache
	become: yes
	when: ansible_os_family == "Debian"

	# Note: on Ubuntu crontab is automatically created to run cert renewal. Only
	# CentOS requires enabling the certbot-renew timer.

	- name: enable certbot (letsencrypt) renewal
	systemd:
	enabled: true
	name: certbot-renew
	daemon_reload: true
	become: true
	become_user: root
	when: ansible_os_family == "RedHat"

	- name: enable certbot (letsencrypt) renewal timer
	systemd:
	state: started
	enabled: true
	name: certbot-renew.timer
	daemon_reload: true
	become: true
	become_user: root
	when: ansible_os_family == "RedHat"