Commit

Merge pull request #7 from coopdevs/make-cert-name-optional
Make cert name optional
enricostano authored Nov 22, 2018
2 parents adc1a49 + 6a16c08 commit 2f24488
Showing 2 changed files with 8 additions and 4 deletions.
4 changes: 4 additions & 0 deletions README.md
Expand Up @@ -14,8 +14,11 @@ Role Variables
```yaml
domain_name: www.mydomain.io
letsencrypt_email: myaccount@letsencrypt.org
certbot_nginx_cert_name: mycert # optional
```
if set, `certbot_nginx_cert_name`'s value will be passed to the certbot's `--cert-name` argument, which is used to identify the certificate in certbot command such as `certbot delete`. You will see a list of certificates identified with this name by running `certbot certificates`. This name will also be used as the file paths for the certificate in `/etc/letsencrypt/live/`.

Example Playbook
----------------

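Review bot: The new paragraph under Role Variables does not say what happens when `certbot_nginx_cert_name` is left unset. The stat task in tasks/main.yml falls back to `domain_name` for the path under `/etc/letsencrypt/live/`, so state that default here, for example "If unset, the certificate is stored under `/etc/letsencrypt/live/<domain_name>/`". Also capitalise the opening "if set" and change "used as the file paths" to "used as the directory name", since the value is one path component, not several paths.
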
Expand All @@ -25,6 +28,7 @@ Example Playbook
- role: coopdevs.certbot-nginx
domain_name: www.mydomain.io
letsencrypt_email: myaccount@letsencrypt.org
certbot_nginx_cert_name: mycert
```

Let's Encrypt Staging Environment
8 changes: 4 additions & 4 deletions tasks/main.yml
Expand Up @@ -6,19 +6,19 @@

- name: Install certbot
package:
name: letsencrypt
name: "certbot=0.26.1-1+ubuntu{{ ansible_distribution_version }}.1+certbot+2"
state: present

- name: Install certbot-nginx plugin
package:
name: python-certbot-nginx
name: "python-certbot-nginx=0.25.0-2+ubuntu{{ ansible_distribution_version }}.1+certbot+1"
state: present

- name: Check if certificate already exists
stat:
path: "/etc/letsencrypt/live/{{ domain_name }}/cert.pem"
path: "/etc/letsencrypt/live/{{ certbot_nginx_cert_name | default(domain_name, true) }}/cert.pem"
register: letsencrypt_cert

- name: Generate new certificate if one doesn't exist
shell: "certbot certonly --nginx --cert-name {{ cert_name }} --email {{ letsencrypt_email }} --agree-tos -d {{ domain_name }} {% if letsencrypt_staging %} --staging {% endif %}"
shell: "certbot certonly --nginx --email '{{ letsencrypt_email }}' --agree-tos -d '{{ domain_name }}' {% if certbot_nginx_cert_name %} --cert-name '{{ certbot_nginx_cert_name }}' {% endif %} {% if letsencrypt_staging %} --staging {% endif %}"
when: not letsencrypt_cert.stat.exists
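
Review bot: In the "Generate new certificate" task the shell template tests `{% if certbot_nginx_cert_name %}` directly, while the stat task guards the same variable with `default(domain_name, true)`. Unless a default is defined elsewhere (none is visible in this diff), a playbook that omits the variable will fail with an undefined-variable error in the shell task, which defeats making it optional; use `{% if certbot_nginx_cert_name | default('', true) %}` or add an empty default to the role. The single quotes added around `letsencrypt_email`, `domain_name` and the cert name do not hold if a value itself contains a single quote; since these values reach a shell, apply the `quote` filter to each one or switch to the `command` module, which does not go through a shell. The two package pins embed `ansible_distribution_version` in the version string and replace `letsencrypt` with `certbot`; that is unrelated to the commit title and should be mentioned in the message or split out.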
