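# Prerequisites for the acme.sh client on EL-family hosts: installs the
# helper packages and opens the firewalld rules that the http protocol
# needs. Every task in the block inherits both tags.
- name: Packages in EL derivatives
  tags:
    - letsencrypt
    - letsencrypt_acme_sh
  block:
    # Per the task name, socat is needed when certificates are requested
    # over the http protocols.
    - name: Install the socat utility, needed when using the http protocols to request the certificates
      ansible.builtin.yum:
        pkg: socat
        state: present

    # git is only installed when the role is told to install via git.
    - name: Install the git client if we are installing using git
      ansible.builtin.yum:
        pkg: git
        state: present
      when: letsencrypt_acme_sh_git_install

    # Opens the `http` service in the default zone with permanent + immediate,
    # so the rule survives reloads and reboots and stays open after the
    # certificate has been issued. Nothing in this block closes it again.
    # The module arguments do not reference `item`, so every matching domain
    # entry re-applies the same rule.
    # NOTE(review): `item.standalone is defined` is also true when a domain
    # sets `standalone: false`; confirm that opening port 80 is intended then.
    - name: Activate the firewalld rule for the http, if we require certificates using the http protocol
      ansible.posix.firewalld:
        service: http
        zone: "{{ firewalld_default_zone }}"
        permanent: true
        state: enabled
        immediate: true
      with_items: "{{ letsencrypt_acme_sh_domains }}"
      when:
        - item.standalone is defined
        - firewalld_enabled is defined and firewalld_enabled
        - letsencrypt_firewalld_http_enabled_on_default_zone

    # Used instead of the default-zone rule when
    # letsencrypt_firewalld_http_enabled_on_default_zone is false.
    # Despite the task name, service, zone and state all come from
    # letsencrypt_firewalld_services: whatever is listed there is applied to
    # the firewall, so review that variable as firewall policy.
    # `item.state` has no default; each entry must set it explicitly.
    - name: Custom firewalld rule for http
      ansible.posix.firewalld:
        service: "{{ item.service }}"
        zone: "{{ item.zone }}"
        permanent: "{{ item.permanent | default(true) }}"
        state: "{{ item.state }}"
        immediate: true
      loop: "{{ letsencrypt_firewalld_services }}"
      when:
        - firewalld_enabled is defined and firewalld_enabled
        - not letsencrypt_firewalld_http_enabled_on_default_zone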