swcc.certbot
Certbot Ansible Role
This role installs Certbot from GitHub and retrieves an SSL certificate from Let's Encrypt for the specified domain.
Example Playbook
Here’s a basic example of a playbook using this role:
- hosts: webservers
roles:
- role: swcc.certbot
certbot_agree_tos: "--agree-tos"
certbot_admin_email: "[email protected]"
certbot_www_dir: "/var/www" # This directory is used for validating domains via HTTP file verification. Make sure your web server serves `/.well-known` from this directory.
Optional Parameters
| Variable | Type | Description |
|---|---|---|
certbot_auto_renew |
boolean |
Set to true if you want the certificate to renew automatically using cron. |
certbot_deploy_hook |
string |
Command to run after successfully renewing the certificate, e.g., /etc/init.d/nginx reload. |
certbot_host |
string |
The domain for which you want the certificate (defaults to ansible_host if not specified). |
certbot_extra_hosts |
array |
A list of additional domains that will also be covered by the certificate (for a multi-domain certificate). |
certbot_cert_name |
string |
The name of the certificate file created by Certbot. This ensures it is stored at /etc/letsencrypt/live/{{ certbot_cert_name }}/fullchain.pem on your machine. |
certbot_challenge_method |
string |
Choose webroot or nginx for the challenge verification method (use webroot if you have a web server; choose nginx if you don’t). |
Makefile for Easier Ansible Usage
To make running Ansible easier in the future, I created a simple Makefile. You can check it out here.
Download the *.deb package from the GitHub releases, install it, and start using it with ansible-make help.
License
GPLv3
Informazioni sul progetto
Install certbot to get Let's Encrypt SSL certificates
Installa
ansible-galaxy install swcc.certbotLicenza
gpl-3.0
Download
99
Proprietario