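---
# Installs the acme-dns binary under a dedicated user, renders its config and
# init script, grants the binary cap_net_bind_service, puts nginx in front of
# the local API, registers the install directory for backup, and starts the
# service.

# Role defaults are merged with the caller's overrides; on conflicting keys
# the values from acme_dns_config win (recursive merge).
- name: set acme_dns_cfg
  set_fact:
    acme_dns_cfg: "{{ acme_dns_default_config | d({}) | combine(acme_dns_config | d({}), recursive=true) }}"

# presumably libcap is what the capabilities task further down relies on;
# verify against tasks/install_packages.yml.
- name: install dependencies
  include_tasks: tasks/install_packages.yml
  vars:
    package:
      - libcap

- name: create user and group
  include_tasks: tasks/create_user.yml
  vars:
    user:
      name: "{{ acme_dns_user }}"
      group: "{{ acme_dns_group }}"
      dir: "{{ acme_dns_dir }}"

# NOTE(review): no release pin or checksum is visible in these vars. The
# extracted binary is later given a file capability and run as a service, so
# confirm that tasks/get_lastversion.yml verifies the archive's integrity, or
# pin a reviewed release and check its digest.
# NOTE(review): keywords on a dynamic include apply to the include statement
# itself; verify that this notify actually fires the handler when a new
# version is extracted.
- name: get and extract latest version of acme-dns
  include_tasks: tasks/get_lastversion.yml
  vars:
    package:
      name: fritterhoff/acme-dns
      location: github
      assets: true
      asset_filter: 'Linux_amd64.tar.gz$'
      file: "{{ acme_dns_dir }}/last_version"
      extract: "{{ acme_dns_dir }}"
      user: "{{ acme_dns_user }}"
      group: "{{ acme_dns_group }}"
  notify: restart acme-dns

- name: delete unnecessary files
  file:
    path: "{{ acme_dns_dir }}/{{ item }}"
    state: absent
  loop:
    - CHANGELOG.md
    - LICENSE
    - README.md

# The config is readable by the service user only. The mode is quoted so it
# always reaches Ansible as the octal string "0400" and is never re-typed by
# the YAML parser.
- name: template acme-dns config
  template:
    src: config.j2
    dest: "{{ acme_dns_dir }}/config.cfg"
    force: true
    mode: "0400"
    owner: "{{ acme_dns_user }}"
    group: "{{ acme_dns_group }}"
    lstrip_blocks: true
  notify: restart acme-dns

# Init scripts are executed by root, so ownership and mode are stated
# explicitly instead of the relative "+x", which would keep any group/other
# write bits already present on an existing file.
- name: template init script
  template:
    src: init.j2
    dest: /etc/init.d/acme-dns
    force: true
    owner: root
    group: root
    mode: "0755"
  notify: restart acme-dns

# NOTE(review): the extract step above passes the service user and group, so
# the binary is presumably owned by the account it runs as. Consider making
# it root-owned and not writable by the service user, so a compromised
# service cannot replace the executable that the init script starts.
- name: ensure acme-dns binary has executable bit set
  file:
    path: "{{ acme_dns_dir }}/acme-dns"
    mode: "+x"

# Allows the binary to bind ports below 1024 without running as root.
# changed_when is forced to false, so this task never reports a change.
- name: add cap_net_bind_service to acme-dns executable
  community.general.capabilities:
    path: "{{ acme_dns_dir }}/acme-dns"
    capability: cap_net_bind_service+ep
  changed_when: false

# The API address is plain HTTP on loopback; the nginx role below is handed
# the host's TLS certificates.
# NOTE(review): confirm config.j2 binds the API to 127.0.0.1 only, so it is
# not reachable unencrypted from the network.
- name: set acme server address
  set_fact:
    acme_server: "http://127.0.0.1:{{ acme_dns_api_port }}"

- name: install and configure nginx
  include_role:
    name: nginx
  vars:
    nginx:
      servers:
        - conf: nginx_server
          certs: "{{ host_tls }}"

# Run pending handlers now, before the backup registration and the final
# service start.
- name: flush handlers
  meta: flush_handlers

# NOTE(review): the backed-up directory contains config.cfg (mode 0400 here);
# confirm the backup role stores its copies with comparably restrictive
# access.
- name: add directories to backup plan
  include_role:
    name: backup
  vars:
    function: add
    backup_items:
      - "{{ acme_dns_dir }}"

- name: enable and start acme-dns
  service:
    name: acme-dns
    state: started
    enabled: true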