You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
114 lines
2.2 KiB
114 lines
2.2 KiB
2 years ago
|
- name: set acme_dns_cfg
|
||
|
|
set_fact:
|
||
|
|
acme_dns_cfg: "{{ acme_dns_default_config | d({}) | combine(acme_dns_config | d({}), recursive=true) }}"
|
||
|
|
|
||
|
|
|
||
|
|
- name: install dependencies
|
||
|
|
include_tasks: tasks/install_packages.yml
|
||
|
|
vars:
|
||
|
|
package:
|
||
|
|
- libcap
|
||
|
|
|
||
|
|
|
||
|
|
- name: create user and group
|
||
|
|
include_tasks: tasks/create_user.yml
|
||
|
|
vars:
|
||
|
|
user:
|
||
|
|
name: "{{ acme_dns_user }}"
|
||
|
|
group: "{{ acme_dns_group }}"
|
||
|
|
dir: "{{ acme_dns_dir }}"
|
||
|
|
|
||
|
|
|
||
|
|
- name: get and extract latest version of acme-dns
|
||
|
|
include_tasks: tasks/get_lastversion.yml
|
||
|
|
vars:
|
||
|
|
package:
|
||
|
|
name: fritterhoff/acme-dns
|
||
|
|
location: github
|
||
|
|
assets: yes
|
||
|
|
asset_filter: 'Linux_amd64.tar.gz$'
|
||
|
|
file: "{{ acme_dns_dir }}/last_version"
|
||
|
|
extract: "{{ acme_dns_dir }}"
|
||
|
|
user: "{{ acme_dns_user }}"
|
||
|
|
group: "{{ acme_dns_group }}"
|
||
|
|
notify: restart acme-dns
|
||
|
|
|
||
|
|
|
||
|
|
- name: delete unnecessary files
|
||
|
|
file:
|
||
|
|
path: "{{ acme_dns_dir }}/{{ item }}"
|
||
|
|
state: absent
|
||
|
|
loop:
|
||
|
|
- CHANGELOG.md
|
||
|
|
- LICENSE
|
||
|
|
- README.md
|
||
|
|
|
||
|
|
|
||
|
|
- name: template acme-dns config
|
||
|
|
template:
|
||
|
|
src: config.j2
|
||
|
|
dest: "{{ acme_dns_dir }}/config.cfg"
|
||
|
|
force: yes
|
||
|
|
mode: 0400
|
||
|
|
owner: "{{ acme_dns_user }}"
|
||
|
|
group: "{{ acme_dns_group }}"
|
||
|
|
lstrip_blocks: yes
|
||
|
|
notify: restart acme-dns
|
||
|
|
|
||
|
|
|
||
|
|
- name: template init script
|
||
|
|
template:
|
||
|
|
src: init.j2
|
||
|
|
dest: /etc/init.d/acme-dns
|
||
|
|
force: yes
|
||
|
|
mode: "+x"
|
||
|
|
notify: restart acme-dns
|
||
|
|
|
||
|
|
|
||
|
|
- name: ensure acme-dns binary has executable bit set
|
||
|
|
file:
|
||
|
|
path: "{{ acme_dns_dir }}/acme-dns"
|
||
|
|
mode: "+x"
|
||
|
|
|
||
|
|
|
||
|
|
- name: add cap_net_bind_service to acme-dns executable
|
||
|
|
community.general.capabilities:
|
||
|
|
path: "{{ acme_dns_dir }}/acme-dns"
|
||
|
|
capability: cap_net_bind_service+ep
|
||
|
|
changed_when: no
|
||
|
|
|
||
|
|
|
||
|
|
- name: set acme server address
|
||
|
|
set_fact:
|
||
|
|
acme_server: "http://127.0.0.1:{{ acme_dns_api_port }}"
|
||
|
|
|
||
|
|
|
||
|
|
- name: install and configure nginx
|
||
|
|
include_role:
|
||
|
|
name: nginx
|
||
|
|
vars:
|
||
|
|
nginx:
|
||
|
|
servers:
|
||
|
|
- conf: nginx_server
|
||
|
|
certs: "{{ host_tls }}"
|
||
|
|
|
||
|
|
|
||
|
|
- name: flush handlers
|
||
|
|
meta: flush_handlers
|
||
|
|
|
||
|
|
|
||
|
|
- name: add directories to backup plan
|
||
|
|
include_role:
|
||
|
|
name: backup
|
||
|
|
vars:
|
||
|
|
function: add
|
||
|
|
backup_items:
|
||
|
|
- "{{ acme_dns_dir }}"
|
||
|
|
|
||
|
|
|
||
|
|
- name: enable and start acme-dns
|
||
|
|
service:
|
||
|
|
name: acme-dns
|
||
|
|
state: started
|
||
|
|
enabled: yes
|