acme_tiny
Ansible Role: ganto.acme_tiny
This Ansible role will setup and renew SSL certificates from the Let's Encrypt certificate authority with help of the minimal acme-tiny Python client. It can be used to generate and send the initial certificate request as well as run by e.g. a cron job for regularly renewing the certificate and restart the secured services after the certificate has been replaced.
Installation
This role requires at least Ansible v2.8.0
. To install it run:
ansible-galaxy install ganto.acme_tiny
Documentation
The role documentation is available online at gantoacme-tiny.readthedocs.io.
It can be built locally from the docs directory by running:
cd docs && make html
Development
Testing
There is a Molecule test profile that can
be used to verify the basic functionality of the role. The default scenario is
using the podman container driver. If you prefer
docker you can select the corresponding scenario
with the -s docker
molecule arguments.
- Ensure you have the necessary dependencies installed (e.g. in a Python venv):
pip install -r molecule/default/requirements.txt # for podman
# or
pip install -r molecule/docker/requirements.txt # for docker
- Run the test suite. The options in brackets are optional but useful if you need to troubleshoot issues:
molecule [-vvv] test [--destroy never][-s docker]
- If you used
--destroy never
the container will remain after the test run and can be inspected interactively via:
podman exec -it <container-id> /bin/sh # for podman
# or
docker exec -it <container-id> /bin/sh # for docker
- Once you're done with inspecting the instance it has to be deleted before a new test run can be started:
molecule destroy [-s docker]
Author
The acme_tiny
Ansible role was written by:
License: GPLv3
ansible-galaxy install ganto/ansible-acme_tiny