forked from ansible-internal/letsencrypt
| commit | author | age | ||
| 42022d | 1 | - name: get acme files |
| OB | 2 | hosts: primary.eenfach.de |
| 3 | become: yes | |
| 4 | tasks: | |
| 5 | - name: fetch cert files... | |
| 6 | fetch: | |
| 7 | src: '/etc/pjac/certdir/{{ item }}' | |
| 8 | dest: acme/ | |
| 9 | flat: yes | |
| 10 | loop: | |
| 11 | - cert.pem | |
| 12 | - chain.pem | |
| 13 | - fullchain.pem | |
| 14 | - name: fetch key file... | |
| 15 | fetch: | |
| 16 | src: /etc/pjac/eenfach.de.key | |
| 17 | dest: acme/ | |
| 18 | flat: yes | |
| 19 | ||
| 20 | - name: push certs to webserver | |
| 21 | hosts: web.eenfach.de | |
| 22 | become: yes | |
| 23 | tasks: | |
| 24 | - name: copy key file | |
| 25 | copy: | |
| 26 | src: acme/eenfach.de.key | |
| 27 | dest: /opt/apache24/conf/acme/eenfach.de.key | |
| 28 | owner: root | |
| 29 | group: webservd | |
| 30 | mode: 0640 | |
| 31 | notify: restart apache24 | |
| 32 | - name: copy cert files | |
| 33 | copy: | |
| 34 | src: 'acme/{{ item }}' | |
| 35 | dest: '/opt/apache24/conf/acme/certdir/{{ item }}' | |
| 36 | owner: root | |
| 37 | group: webservd | |
| 38 | mode: 0640 | |
| 39 | loop: | |
| 40 | - cert.pem | |
| 41 | - chain.pem | |
| 42 | - fullchain.pem | |
| 43 | notify: restart apache24 | |
| 44 | ||
| 45 | handlers: | |
| 46 | - name: restart apache24 | |
| 47 | service: | |
| 48 | name: svc:/network/apache24:default | |
| 49 | state: restarted | |
| 50 | ||
| 51 | - name: push certs to mailserver | |
| 52 | hosts: smail.eenfach.de | |
| 53 | become: yes | |
| 54 | tasks: | |
| 55 | - name: copy cert files | |
| 56 | copy: | |
| 57 | src: 'acme/{{ item }}' | |
| 58 | dest: '/etc/mail/certs/{{ item }}' | |
| 59 | owner: root | |
| 60 | group: root | |
| 61 | mode: 0600 | |
| 62 | loop: | |
| 63 | - cert.pem | |
| 64 | - chain.pem | |
| 65 | - fullchain.pem | |
| 66 | - eenfach.de.key | |
| 67 | notify: | |
| 68 | - restart sendmail | |
| 69 | - restart dovecot | |
| 70 | handlers: | |
| 71 | - name: restart sendmail | |
| 72 | service: | |
| 73 | name: svc:/network/sendmail:sendmail | |
| 74 | state: restarted | |
| 75 | - name: restart dovecot | |
| 76 | service: | |
| 77 | name: svc:/network/dovecot:dovecot | |
| 78 | state: restarted | |
| 79 | ||
| 80 | - name: push certs to openfire | |
| 81 | hosts: openfire.eenfach.de | |
| 82 | become: yes | |
| 83 | tasks: | |
| 84 | - name: copy cert files | |
| 85 | copy: | |
| 86 | src: 'acme/{{ item }}' | |
| 87 | dest: '/opt/openfire/openfire/resources/security/hotdeploy/{{ item }}' | |
| 88 | owner: openfire | |
| 89 | group: openfire | |
| 90 | mode: 0600 | |
| 91 | loop: | |
| 92 | - cert.pem | |
| 93 | - fullchain.pem | |
| 94 | - eenfach.de.key | |
