Fixed the CRON job command argument order

ontic · May 10, 2018 · 630c882 · 630c882
1 parent 031e172
commit 630c882
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 11 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -9,7 +9,6 @@ certbot_source_path: '/opt/certbot'
 certbot_source_repo: 'https://github.com/certbot/certbot.git'
 certbot_source_version: 'master'
 certbot_web_server_service_name: 'nginx'
-certbot_auto_renew: yes
 certbot_auto_renew_hook: 'service {{ certbot_web_server_service_name }} reload'
 certbot_auto_renew_user: '{{ ansible_user }}'
 certbot_auto_renew_hour: '2'

diff --git a/docs/README.md b/docs/README.md
@@ -9,13 +9,13 @@ certbot_source_path: '/opt/certbot'
 certbot_source_repo: 'https://github.com/certbot/certbot.git'
 certbot_source_version: 'master'
 certbot_web_server_service_name: 'nginx'
-certbot_auto_renew: yes
-certbot_auto_renew_user: 'web'
+certbot_auto_renew_user: 'root'
 certbot_auto_renew_hour: '2'
 certbot_auto_renew_minute: '30'
 certbot_certificates:
   - email: 'admin@company.com'
     webroot: '/var/www/html/letsencript'
+    auto_renew: yes
     domains:
       - 'company.com'
       - 'www.company.com'
@@ -65,12 +65,6 @@ certbot_web_server_service_name: 'nginx'
 The name of the daemon under which your web server runs. Typically this will be either `httpd`, `apache2` or `nginx`
 which is the default. The service will be gracefully reloaded when a certificate is changed or automatically renewed.
 
-```
-certbot_auto_renew: yes
-```
-
-Whether a cron job should be created for automatically renewing certificates, valid values are `yes` or `no`.
-
 ```
 certbot_auto_renew_hook: 'service {{ certbot_web_server_service_name }} reload'
 ```
@@ -103,4 +97,5 @@ A list of certificates to create and manage. Each certificate expects three para
 
 * `email` The email address used to agree to Let's Encrypt's TOS and subscribe to cert-related notifications.
 * `webroot` The directory path Let's Encrypt's challenge files will be saved to.
+* `auto_renew` Whether a cron job should be created for automatically renewing certificates, valid values are `yes` or `no`.
 * `domains` A list of domains associated with the certificate, the first domain will be used as the certificate file name.
diff --git a/tasks/configure.yml b/tasks/configure.yml
@@ -69,9 +69,9 @@
   become: yes
   cron:
     name: 'Certbot automatic renewal of {{ item.domains | first }}'
-    job: '{{ certbot_script }} renew --webroot --cert-name {{ item.domains | first }} -n -w --quiet --no-self-upgrade {{ item.webroot }} --post-hook "{{ certbot_auto_renew_hook }}"'
+    job: '{{ certbot_script }} renew --webroot --cert-name {{ item.domains | first }} -n --quiet --no-self-upgrade -w {{ item.webroot }} --post-hook "{{ certbot_auto_renew_hook }}"'
     minute: '{{ certbot_auto_renew_minute }}'
     hour: '{{ certbot_auto_renew_hour }}'
     user: '{{ certbot_auto_renew_user }}'
-    state: '{{ certbot_auto_renew | ternary("present", "absent") }}'
+    state: '{{ item.auto_renew | ternary("present", "absent") }}'
   with_items: '{{ certbot_certificates }}'