commit | author | age
|
42022d
|
1 |
- name: get acme files |
OB |
2 |
hosts: primary.eenfach.de |
|
3 |
become: yes |
|
4 |
tasks: |
|
5 |
- name: fetch cert files... |
|
6 |
fetch: |
|
7 |
src: '/etc/pjac/certdir/{{ item }}' |
|
8 |
dest: acme/ |
|
9 |
flat: yes |
|
10 |
loop: |
|
11 |
- cert.pem |
|
12 |
- chain.pem |
|
13 |
- fullchain.pem |
|
14 |
- name: fetch key file... |
|
15 |
fetch: |
|
16 |
src: /etc/pjac/eenfach.de.key |
|
17 |
dest: acme/ |
|
18 |
flat: yes |
|
19 |
|
|
20 |
- name: push certs to webserver |
|
21 |
hosts: web.eenfach.de |
|
22 |
become: yes |
|
23 |
tasks: |
|
24 |
- name: copy key file |
|
25 |
copy: |
|
26 |
src: acme/eenfach.de.key |
|
27 |
dest: /opt/apache24/conf/acme/eenfach.de.key |
|
28 |
owner: root |
|
29 |
group: webservd |
|
30 |
mode: 0640 |
|
31 |
notify: restart apache24 |
|
32 |
- name: copy cert files |
|
33 |
copy: |
|
34 |
src: 'acme/{{ item }}' |
|
35 |
dest: '/opt/apache24/conf/acme/certdir/{{ item }}' |
|
36 |
owner: root |
|
37 |
group: webservd |
|
38 |
mode: 0640 |
|
39 |
loop: |
|
40 |
- cert.pem |
|
41 |
- chain.pem |
|
42 |
- fullchain.pem |
|
43 |
notify: restart apache24 |
|
44 |
|
|
45 |
handlers: |
|
46 |
- name: restart apache24 |
|
47 |
service: |
|
48 |
name: svc:/network/apache24:default |
|
49 |
state: restarted |
|
50 |
|
|
51 |
- name: push certs to mailserver |
|
52 |
hosts: smail.eenfach.de |
|
53 |
become: yes |
|
54 |
tasks: |
|
55 |
- name: copy cert files |
|
56 |
copy: |
|
57 |
src: 'acme/{{ item }}' |
|
58 |
dest: '/etc/mail/certs/{{ item }}' |
|
59 |
owner: root |
|
60 |
group: root |
|
61 |
mode: 0600 |
|
62 |
loop: |
|
63 |
- cert.pem |
|
64 |
- chain.pem |
|
65 |
- fullchain.pem |
|
66 |
- eenfach.de.key |
|
67 |
notify: |
|
68 |
- restart sendmail |
|
69 |
- restart dovecot |
|
70 |
handlers: |
|
71 |
- name: restart sendmail |
|
72 |
service: |
|
73 |
name: svc:/network/sendmail:sendmail |
|
74 |
state: restarted |
|
75 |
- name: restart dovecot |
|
76 |
service: |
|
77 |
name: svc:/network/dovecot:dovecot |
|
78 |
state: restarted |
|
79 |
|
|
80 |
- name: push certs to openfire |
|
81 |
hosts: openfire.eenfach.de |
|
82 |
become: yes |
|
83 |
tasks: |
|
84 |
- name: copy cert files |
|
85 |
copy: |
|
86 |
src: 'acme/{{ item }}' |
|
87 |
dest: '/opt/openfire/openfire/resources/security/hotdeploy/{{ item }}' |
|
88 |
owner: openfire |
|
89 |
group: openfire |
|
90 |
mode: 0600 |
|
91 |
loop: |
|
92 |
- cert.pem |
|
93 |
- fullchain.pem |
|
94 |
- eenfach.de.key |