| # |
| # |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| # |
| |
| --- |
| |
| - include: install_deps_{{ ansible_distribution }}_{{ ansible_distribution_major_version }}.yml |
| when: ansible_os_family == "RedHat" |
| |
| - name: add Certbot PPA repository |
| apt_repository: |
| repo: "ppa:certbot/certbot" |
| become: yes |
| when: ansible_os_family == "Debian" |
| |
| - name: Install Certbot and dependencies (Debian) |
| apt: name={{ item }} state=latest update_cache=yes |
| with_items: |
| - certbot |
| - python-certbot-apache |
| become: yes |
| when: ansible_os_family == "Debian" |
| |
| # Note: on Ubuntu crontab is automatically created to run cert renewal. Only |
| # CentOS requires enabling the certbot-renew timer. |
| |
| - name: enable certbot (letsencrypt) renewal |
| systemd: |
| enabled: true |
| name: certbot-renew |
| daemon_reload: true |
| become: true |
| become_user: root |
| when: ansible_os_family == "RedHat" |
| |
| - name: enable certbot (letsencrypt) renewal timer |
| systemd: |
| state: started |
| enabled: true |
| name: certbot-renew.timer |
| daemon_reload: true |
| become: true |
| become_user: root |
| when: ansible_os_family == "RedHat" |