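---
# Obtain a Let's Encrypt certificate for every frontend hostname that does not
# have one yet, using certbot's standalone authenticator.
#
# Variables read by this play:
#   frontend_hostnames  - list of items, each exposing a `servername` attribute
#   certbot_admin_email - contact address handed to certbot via --email
- hosts: cce_frontend_prod
  tasks:
    # Source: https://medium.com/@khandelwal12nidhi/automate-letsencrypt-ssl-installation-with-ansible-for-multiple-domains-8453f2c3212d
    - name: Check if cert already exists
      become: true
      stat:
        path: "/etc/letsencrypt/live/{{ item.servername }}/cert.pem"
      register: letsencrypt_cert
      with_items: "{{ frontend_hostnames }}"

    # The block/always pair guarantees nginx is started again even when
    # certbot fails part-way through; without it a failed issuance would
    # leave the frontend down until someone intervenes by hand.
    - name: Issue missing certs with nginx stopped, then restore nginx
      block:
        # TODO: Stop Nginx from hanging
        - name: Stop nginx to allow certbot to generate a cert
          become: true
          service:
            name: nginx
            state: stopped
          # Only take the site down when at least one cert is missing.
          when: letsencrypt_cert.results | rejectattr('stat.exists') | list | length > 0

        - name: Generate new cert if one doesn't exist
          # Run with the same privileges as the other tasks: certbot writes
          # under /etc/letsencrypt, which the stat task above reads as root.
          become: true
          # argv passes each value as a single argument with no shell parsing,
          # so metacharacters in a hostname or e-mail cannot be interpreted
          # as shell syntax.
          command:
            argv:
              - certbot
              - certonly
              - --standalone
              - --noninteractive
              - --agree-tos
              - --email
              - "{{ certbot_admin_email }}"
              - -d
              - "{{ item.item.servername }}"
          with_items: "{{ letsencrypt_cert.results }}"
          loop_control:
            # Show only the hostname instead of the whole stat result.
            label: "{{ item.item.servername }}"
          when: not item.stat.exists

      always:
        - name: Start ngnix after cert has been generated
          become: true
          service:
            name: nginx
            state: started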