From 630c882ef172d3fe393f1a3a5cd5346236849746 Mon Sep 17 00:00:00 2001 From: Adam Dyson Date: Thu, 10 May 2018 23:46:54 +1000 Subject: [PATCH] Fixed the CRON job command argument order --- defaults/main.yml | 1 - docs/README.md | 11 +++-------- tasks/configure.yml | 4 ++-- 3 files changed, 5 insertions(+), 11 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index f0f3d41..869a741 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -9,7 +9,6 @@ certbot_source_path: '/opt/certbot' certbot_source_repo: 'https://github.com/certbot/certbot.git' certbot_source_version: 'master' certbot_web_server_service_name: 'nginx' -certbot_auto_renew: yes certbot_auto_renew_hook: 'service {{ certbot_web_server_service_name }} reload' certbot_auto_renew_user: '{{ ansible_user }}' certbot_auto_renew_hour: '2' diff --git a/docs/README.md b/docs/README.md index 7efc4d3..2d647f6 100644 --- a/docs/README.md +++ b/docs/README.md @@ -9,13 +9,13 @@ certbot_source_path: '/opt/certbot' certbot_source_repo: 'https://github.com/certbot/certbot.git' certbot_source_version: 'master' certbot_web_server_service_name: 'nginx' -certbot_auto_renew: yes -certbot_auto_renew_user: 'web' +certbot_auto_renew_user: 'root' certbot_auto_renew_hour: '2' certbot_auto_renew_minute: '30' certbot_certificates: - email: 'admin@company.com' webroot: '/var/www/html/letsencript' + auto_renew: yes domains: - 'company.com' - 'www.company.com' @@ -65,12 +65,6 @@ certbot_web_server_service_name: 'nginx' The name of the daemon under which your web server runs. Typically this will be either `httpd`, `apache2` or `nginx` which is the default. The service will be gracefully reloaded when a certificate is changed or automatically renewed. -``` -certbot_auto_renew: yes -``` - -Whether a cron job should be created for automatically renewing certificates, valid values are `yes` or `no`. - ``` certbot_auto_renew_hook: 'service {{ certbot_web_server_service_name }} reload' ``` @@ -103,4 +97,5 @@ A list of certificates to create and manage. Each certificate expects three para * `email` The email address used to agree to Let's Encrypt's TOS and subscribe to cert-related notifications. * `webroot` The directory path Let's Encrypt's challenge files will be saved to. +* `auto_renew` Whether a cron job should be created for automatically renewing certificates, valid values are `yes` or `no`. * `domains` A list of domains associated with the certificate, the first domain will be used as the certificate file name. diff --git a/tasks/configure.yml b/tasks/configure.yml index 21ca6be..82a59ba 100644 --- a/tasks/configure.yml +++ b/tasks/configure.yml @@ -69,9 +69,9 @@ become: yes cron: name: 'Certbot automatic renewal of {{ item.domains | first }}' - job: '{{ certbot_script }} renew --webroot --cert-name {{ item.domains | first }} -n -w --quiet --no-self-upgrade {{ item.webroot }} --post-hook "{{ certbot_auto_renew_hook }}"' + job: '{{ certbot_script }} renew --webroot --cert-name {{ item.domains | first }} -n --quiet --no-self-upgrade -w {{ item.webroot }} --post-hook "{{ certbot_auto_renew_hook }}"' minute: '{{ certbot_auto_renew_minute }}' hour: '{{ certbot_auto_renew_hour }}' user: '{{ certbot_auto_renew_user }}' - state: '{{ certbot_auto_renew | ternary("present", "absent") }}' + state: '{{ item.auto_renew | ternary("present", "absent") }}' with_items: '{{ certbot_certificates }}' \ No newline at end of file