| | |
| | | - _certbot_use_cache: True |
| | | - _certbot_force_issue: False |
| | | - _certbot_production: True |
| | | - _certbot_cron_job_name: LETS_ENCRYPT_RENEW |
| | | # production false results in unusable certificates |
| | | # (not possible to login to OCP) |
| | | # - _certbot_production: "{{ lets_encrypt_production|d(False)|bool}}" |
| | | |
| | | - name: Install redeploy hook scripts |
| | | copy: |
| | | src: ./files/deploy_certs.sh |
| | | dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/deploy_certs.sh" |
| | | mode: 0775 |
| | | owner: "{{ ansible_user }}" |
| | | - name: Install redeploy hook playbook and cert secret template |
| | | copy: |
| | | src: "./files/{{ item }}" |
| | | dest: "/home/{{ ansible_user }}/certbot/renewal-hooks/deploy/{{ item }}" |
| | | mode: 0664 |
| | | owner: "{{ ansible_user }}" |
| | | loop: |
| | | - deploy_certs.yml |
| | | - router-certs.j2 |
| | | |
| | | - name: Read Certificate |
| | | slurp: |
| | | src: "$HOME/certificates/fullchain.pem" |
| | |
| | | - name: workload tasks complete |
| | | debug: |
| | | msg: "Workload Tasks completed successfully." |
| | | when: not silent|bool |
| | | when: not silent|bool |