ISTI-ansible-roles
/
ansible-role-letsencrypt-acme-sh-client
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove some obsolete tasks.

This commit is contained in:
Andrea Dell'Amico 2022-06-03 00:10:05 +02:00
parent ad98040469
commit 9742cec3e7
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 1 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
tasks/main.yml
View File

@ -5,18 +5,6 @@
- import_tasks: acmetool_rh.yml - import_tasks: acmetool_rh.yml
when: ansible_distribution_file_variety == "RedHat" when: ansible_distribution_file_variety == "RedHat"
- block:
- name: Remove the sudoers config needed to run the old acmetool package hooks
file: dest=/etc/sudoers.d/letsencrypt-acme state=absent
- name: Remove the old acmetool script that requested certificates
file: dest=/usr/local/bin/acme-cert-request state=absent
- name: Remove the old letsencrypt cron job
cron: name="Letsencrypt certificate renewal" user={{ letsencrypt_acme_user }} state=absent
tags: [ 'letsencrypt', 'letsencrypt_acme_sh' ]
- block: - block:
- name: Create the letsencrypt acme user - name: Create the letsencrypt acme user
user: name={{ letsencrypt_acme_sh_user }} home={{ letsencrypt_acme_sh_user_home }} createhome=no shell=/usr/sbin/nologin system=yes user: name={{ letsencrypt_acme_sh_user }} home={{ letsencrypt_acme_sh_user_home }} createhome=no shell=/usr/sbin/nologin system=yes
@ -95,16 +83,6 @@
template: src=account.conf.j2 dest={{ letsencrypt_acme_sh_base_data_dir }}/data/account.conf mode=0640 template: src=account.conf.j2 dest={{ letsencrypt_acme_sh_base_data_dir }}/data/account.conf mode=0640
tags: [ 'letsencrypt', 'letsencrypt_account_conf', 'letsencrypt_acme_sh' ] tags: [ 'letsencrypt', 'letsencrypt_account_conf', 'letsencrypt_acme_sh' ]
- name: Remove the daily cron job that run as acme user.
cron:
name: "Letsencrypt certificate renewal"
day: '{{ letsencrypt_acme_cron_day_of_month }}'
hour: '{{ letsencrypt_acme_cron_hour }}'
minute: '{{ letsencrypt_acme_cron_minute }}'
job: "/usr/local/bin/acme-sh-cron-script > {{ letsencrypt_acme_sh_log_dir }}/acme-cron.log 2>&1"
state: absent
tags: [ 'letsencrypt', 'letsencrypt_cron', 'letsencrypt_acme_sh' ]
become: True become: True
become_user: '{{ letsencrypt_acme_sh_user }}' become_user: '{{ letsencrypt_acme_sh_user }}'
when: letsencrypt_acme_sh_install | bool when: letsencrypt_acme_sh_install | bool
@ -115,20 +93,12 @@
file: dest={{ letsencrypt_acme_sh_base_data_dir }}/data/ok_certificate_issued state=absent file: dest={{ letsencrypt_acme_sh_base_data_dir }}/data/ok_certificate_issued state=absent
when: acme_sh_issue is changed when: acme_sh_issue is changed
- name: Request the certificates. As root because we must bind on port 80 - name: Request the certificates.
shell: /usr/local/bin/acme-sh-request-cert shell: /usr/local/bin/acme-sh-request-cert
args: args:
creates: '{{ letsencrypt_acme_sh_base_data_dir }}/data/ok_certificate_issued' creates: '{{ letsencrypt_acme_sh_base_data_dir }}/data/ok_certificate_issued'
register: acme_sh_certificate_issued register: acme_sh_certificate_issued
- name: Check if the 'live' path is a symling. It is, if acmetool was installed
stat: path={{ letsencrypt_acme_sh_certificates_install_path }}
register: is_symlink
- name: Remove the 'live' path if it was a symlink
file: dest={{ letsencrypt_acme_sh_certificates_install_path }} state=absent
when: is_symlink.stat.islnk is defined and is_symlink.stat.islnk
- name: Create the certificates installation directory - name: Create the certificates installation directory
file: dest={{ letsencrypt_acme_sh_certificates_install_path }} state=directory owner=root group=root mode=0755 file: dest={{ letsencrypt_acme_sh_certificates_install_path }} state=directory owner=root group=root mode=0755