jonathan/infra
1
0
Fork 0
Code Actions Activity

update lego and secrets

Browse Source
This commit is contained in:
Jonathan DeMasi
2026-01-24 13:21:33 -07:00
parent f8b2ae3f02
commit ae7fa539ac
2 changed files with 3 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ansible/roles/lego/defaults/main.yaml Normal file
View File

@@ -0,0 +1 @@
lego_method: dns

6
ansible/roles/lego/tasks/generate_cert.yaml
View File

@@ -1,12 +1,9 @@
- name: Gather package facts
ansible.builtin.package_facts:
manager: auto
- name: Generate initial cert (http) - name: Generate initial cert (http)
command: command:
cmd: /usr/local/bin/lego -a --email="{{ letsencrypt_email }}" --domains="{{ inventory_hostname | default(cert_domain) }}" --key-type {{ cert_key_type | default('rsa4096') }} --http run cmd: /usr/local/bin/lego -a --email="{{ letsencrypt_email }}" --domains="{{ inventory_hostname | default(cert_domain) }}" --key-type {{ cert_key_type | default('rsa4096') }} --http run
chdir: /root chdir: /root
creates: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.crt" creates: "/root/.lego/certificates/{{ inventory_hostname | default(cert_domain) }}.crt"
when: lego_method == 'http'
- name: Generate initial cert (dns) - name: Generate initial cert (dns)
command: command:
@@ -17,3 +14,4 @@
LINODE_POLLING_INTERVAL: 120 LINODE_POLLING_INTERVAL: 120
LINODE_PROPAGATION_TIMEOUT: 600 LINODE_PROPAGATION_TIMEOUT: 600
LINODE_TOKEN: {{ linode_dns_token }} LINODE_TOKEN: {{ linode_dns_token }}
when: lego_method == 'dns'