Skip to content

kressi/ansible-letsencrypt

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

letsencrypt

This role does the following:

  1. Ensure you have a private key for your acme account.
  2. Ensure you have a private key for your certificate.
  3. Ensure you have a certificate signing request.
  4. Then a challenge is requested from letsencrypt.
  5. http-01 challenge is implemented.
  6. The certficate from letsencrypt is requested.
  7. The challenge implementation is removed.
  8. The server configuration is updated with the ssl certificates.

Role Variables

Variables in vars/main.yml

name default description
domain_name my.example.com Your domain
acme_baseurl acme-staging-v02.api.letsencrypt.org Production: acme-v02.api.letsencrypt.org
Staging: acme-staging-v02.api.letsencrypt.org
acme_directory https://{{ acme_baseurl }}/directory
acme_email [email protected] Your acme account mail
letsencrypt_dir /etc/letsencrypt Certificate and key root directory
letsencrypt_account_key "{{ letsencrypt_dir }}/accounts/{{ acme_baseurl }}.pem" ACME account key
letsencrypt_privkey "{{ letsencrypt_dir }}/{{ domain_name }}/privkey.pem"
letsencrypt_chain "{{ letsencrypt_dir }}/{{ domain_name }}/chain.pem"
letsencrypt_fullchain "{{ letsencrypt_dir }}/{{ domain_name }}/fullchain.pem"
letsencrypt_cert "{{ letsencrypt_dir }}/{{ domain_name }}/cert.pem"
letsencrypt_csr "{{ letsencrypt_dir }}/csr/{{ domain_name }}.pem"
cert.common_name "{{ domain_name }}"
cert.country "CH" Your country
cert.email_address "{{ acme_email }}"
cert.subject_alt_name ['DNS:{{ domain_name }}']
nginx_options_ssl "{{ letsencrypt_dir }}/options-ssl-nginx.conf"
nginx_dhparams "{{ letsencrypt_dir }}/ssl-dhparams.pem"

A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.

Example Playbook

- hosts: api
  gather_facts: no
  become: true
  roles:
    - letsencrypt

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published