25 lines
1.1 KiB
YAML
25 lines
1.1 KiB
YAML
- block:
|
|
- name: Install the socat utility, needed when using the http protocols to request the certificates
|
|
yum: pkg=socat state=present
|
|
|
|
- name: Install the git client if we are installing using git
|
|
yum: pkg=git state=present
|
|
when: letsencrypt_acme_sh_git_install
|
|
|
|
- name: Activate the firewalld rule for the http, if we require certificates using the http protocol
|
|
firewalld: service=http zone={{ firewalld_default_zone }} permanent=True state=enabled immediate=True
|
|
with_items: '{{ letsencrypt_acme_sh_domains }}'
|
|
when:
|
|
- item.standalone is defined
|
|
- firewalld_enabled is defined and firewalld_enabled
|
|
- letsencrypt_firewalld_http_enabled_on_default_zone
|
|
|
|
- name: Custom firewalld rule for http
|
|
firewalld: service={{ item.service}} zone={{ item.zone }} permanent={{ item.permanent | default(True) }} state={{ item.state }} immediate=True
|
|
with_items: '{{ letsencrypt_firewalld_services }}'
|
|
when:
|
|
- firewalld_enabled is defined and firewalld_enabled
|
|
- not letsencrypt_firewalld_http_enabled_on_default_zone
|
|
|
|
tags: [ 'letsencrypt', 'letsencrypt_acme_sh' ]
|