33 lines
904 B
YAML
33 lines
904 B
YAML
---
|
|
- name: Install openssl
|
|
apt:
|
|
name: openssl
|
|
state: present
|
|
|
|
- name: install Certbot Nginx plugin
|
|
apt:
|
|
name: python3-certbot
|
|
when: installCertbot == True
|
|
|
|
- name: Create Directory for Domain self-signed
|
|
file:
|
|
path: /etc/ssl/{{ domain }}
|
|
state: directory
|
|
mode: '0755'
|
|
when: installCertbot == False
|
|
|
|
- name: Create self-signed certificate, if configured.
|
|
shell: openssl req -x509 -nodes -subj '/CN={{ domain }}' -days 3650 -newkey rsa:4096 -sha256 -keyout /etc/ssl/"{{ domain }}".key -out /etc/ssl/"{{ domain }}".crt
|
|
when: installCertbot == False
|
|
|
|
- name: Open port 80 for letsencrypt challenge
|
|
ufw:
|
|
rule: allow
|
|
port: 80
|
|
proto: tcp
|
|
when: installCertbot == True
|
|
|
|
- name: Create self-signed certificate, if configured.
|
|
shell: "certbot certonly --{{ mode }} -d {{ domain }} {{ alt_domains }} -m {{ email }} --agree-tos"
|
|
when: installCertbot == True
|