public_git
/
ansibleguy.infra_certs
mirror of https://github.com/ansibleguy/infra_certs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

saving result of existing letsencrypt-certificates (save time on redundant operation)

This commit is contained in:
AnsibleGuy 2023-09-15 16:59:42 +02:00
parent b5076cc7b2
commit 0ab735d319
No known key found for this signature in database
GPG Key ID: 52984C069F5AD3CD
1 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
tasks/debian/letsencrypt/main.yml
View File

@ -20,13 +20,19 @@
- name: Certificates | LetsEncrypt Certbot | Pulling existing certs (this can take some time) - name: Certificates | LetsEncrypt Certbot | Pulling existing certs (this can take some time)
ansible.builtin.command: "certbot certificates --config-dir {{ CERT_CONFIG.letsencrypt.path }}{% if debug or testing %} --staging{% endif %}" ansible.builtin.command: "certbot certificates --config-dir {{ CERT_CONFIG.letsencrypt.path }}{% if debug or testing %} --staging{% endif %}"
register: existing_certs_raw register: existing_certs_raw
when: le_existing_certs is undefined
changed_when: false changed_when: false
check_mode: false check_mode: false
timeout: 120 timeout: 300
- name: Certificates | LetsEncrypt Certbot | Setting existing certs
ansible.builtin.set_fact:
le_existing_certs: "{{ existing_certs_raw.stdout }}"
when: le_existing_certs is undefined
- name: Certificates | LetsEncrypt Certbot | Existing certificates - name: Certificates | LetsEncrypt Certbot | Existing certificates
ansible.builtin.debug: ansible.builtin.debug:
var: existing_certs_raw.stdout var: le_existing_certs
when: debug | bool when: debug | bool
- name: Certificates | LetsEncrypt Certbot | Adding certificates - name: Certificates | LetsEncrypt Certbot | Adding certificates
@ -38,7 +44,7 @@
le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}" le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}"
le_name: "{{ cert_item.key | safe_key }}" le_name: "{{ cert_item.key | safe_key }}"
le_path: "{{ CERT_CONFIG.letsencrypt.path }}/live/{{ le_name }}" le_path: "{{ CERT_CONFIG.letsencrypt.path }}/live/{{ le_name }}"
le_changed: "{{ existing_certs_raw.stdout | le_domains_changed(le_name, le_cert.domains) }}" le_changed: "{{ le_existing_certs | le_domains_changed(le_name, le_cert.domains) }}"
loop_control: loop_control:
loop_var: cert_item loop_var: cert_item
no_log: true no_log: true
@ -50,7 +56,7 @@
changed_when: false changed_when: false
when: when:
- le_cert.state != 'present' - le_cert.state != 'present'
- existing_certs_raw.stdout.find(le_name) != -1 - le_existing_certs.find(le_name) != -1
vars: vars:
le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}" le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}"
le_name: "{{ cert_item.key | safe_key }}" le_name: "{{ cert_item.key | safe_key }}"
@ -63,7 +69,7 @@
changed_when: false changed_when: false
when: when:
- le_cert.state != 'present' - le_cert.state != 'present'
- existing_certs_raw.stdout.find(le_name) != -1 - le_existing_certs.find(le_name) != -1
vars: vars:
le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}" le_cert: "{{ default_le_certbot_cert | combine(cert_item.value, recursive=true) }}"
le_name: "{{ cert_item.key | safe_key }}" le_name: "{{ cert_item.key | safe_key }}"