cc619fe589
Add a new review-dev server on the opendev domain with LE support enabled. Depends-On: https://review.opendev.org/705661 Change-Id: Ie32124cd617e9986602301f230e83bb138524fdf
38 lines
759 B
YAML
38 lines
759 B
YAML
- name: Install acme.sh client
|
|
git:
|
|
repo: https://github.com/Neilpang/acme.sh
|
|
dest: /opt/acme.sh
|
|
version: dev
|
|
|
|
- name: Install letsencrypt group
|
|
group:
|
|
name: letsencrypt
|
|
state: present
|
|
gid: "{{ letsencrypt_gid | default(omit) }}"
|
|
|
|
- name: Install driver script
|
|
copy:
|
|
src: driver.sh
|
|
dest: /opt/acme.sh/driver.sh
|
|
mode: 0755
|
|
|
|
- name: Setup log directory
|
|
file:
|
|
path: /var/log/acme.sh
|
|
state: directory
|
|
mode: 0755
|
|
|
|
- name: Setup log rotation
|
|
include_role:
|
|
name: logrotate
|
|
vars:
|
|
logrotate_file_name: /var/log/acme.sh/acme.sh.log
|
|
|
|
- name: Setup top level cert directory
|
|
file:
|
|
path: /etc/letsencrypt-certs
|
|
state: directory
|
|
owner: root
|
|
group: letsencrypt
|
|
mode: u=rwx,g=rx,o=,g+s
|