Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Neutrinet
infra-ansible
Commits
052b5494
Commit
052b5494
authored
Aug 19, 2021
by
HgO
Browse files
same hooks for all domains
parent
758b6b0d
Pipeline
#423
passed with stage
in 2 minutes and 36 seconds
Changes
7
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
inventories/group_vars/haproxy.yml
View file @
052b5494
...
...
@@ -15,12 +15,7 @@ letsencrypt_dns_gandi_sharing_id: !vault |
6632383964373738663761343065306137313163303838633763
letsencrypt_staging
:
false
letsencrypt_domains
:
-
name
:
neutrinet.be
hooks
:
deploy
:
-
/etc/letsencrypt/hooks.d/haproxy.py
post
:
-
systemctl reload haproxy
-
neutrinet.be
haproxy
:
-
hostname
:
neutrinet.be
...
...
roles/haproxy/molecule/default/group_vars/all.yml
deleted
100644 → 0
View file @
758b6b0d
letsencrypt_domains
:
-
name
:
neutrinet.be
hooks
:
deploy
:
-
/etc/letsencrypt/hooks.d/haproxy.py
post
:
-
systemctl reload haproxy
roles/haproxy/tasks/main.yml
View file @
052b5494
...
...
@@ -8,6 +8,10 @@
vars
:
letsencrypt_hook_scripts
:
-
haproxy.py
letsencrypt_deploy_hooks
:
-
/etc/letsencrypt/hooks.d/haproxy.py
letsencrypt_post_hooks
:
-
systemctl reload haproxy
tags
:
[
'
letsencrypt'
]
-
name
:
Installation des plugins Telegraf
import_role
:
...
...
roles/haproxy/templates/telegraf/haproxy.conf.j2
View file @
052b5494
...
...
@@ -12,8 +12,8 @@
## Prefix your entry with 'file://' if you intend to use relative paths
sources = [
{% for domain in letsencrypt_domains %}
"/etc/haproxy/ssl/{{ domain
.name
| replace('.', '-') }}-rsa.pem",
"/etc/haproxy/ssl/{{ domain
.name
| replace('.', '-') }}-ecdsa.pem"{% if not loop.last %},{% endif %}
"/etc/haproxy/ssl/{{ domain | replace('.', '-') }}-rsa.pem",
"/etc/haproxy/ssl/{{ domain | replace('.', '-') }}-ecdsa.pem"{% if not loop.last %},{% endif %}
{% endfor %}
]
roles/letsencrypt/defaults/main.yml
View file @
052b5494
...
...
@@ -16,8 +16,7 @@ letsencrypt_dns_gandi_sharing_id: !vault |
letsencrypt_staging
:
true
letsencrypt_hook_scripts
:
[]
letsencrypt_deploy_hooks
:
[]
letsencrypt_post_hooks
:
[]
letsencrypt_domains
:
-
name
:
neutrinet.be
hooks
:
deploy
:
[]
post
:
[]
-
neutrinet.be
roles/letsencrypt/tasks/gandi/create.yml
View file @
052b5494
---
-
name
:
Définition du nom du certificat {{ algorithm | upper }} {{ domain.name }}
-
name
:
Définition du nom du certificat {{ algorithm | upper }} {{ domain }}
set_fact
:
cert_name
:
"
{{
domain
.name
|
replace('.',
'-')
}}-{{
algorithm
}}"
cert_name
:
"
{{
domain
|
replace('.',
'-')
}}-{{
algorithm
}}"
-
name
:
Test si le certificat {{ algorithm | upper }} {{ domain
.name
}} existe
-
name
:
Test si le certificat {{ algorithm | upper }} {{ domain }} existe
stat
:
path
:
/etc/letsencrypt/live/{{ cert_name }}/cert.pem
register
:
letsencrypt_domain
-
name
:
Création du certificat {{ algorithm | upper }} {{ domain
.name
}}
-
name
:
Création du certificat {{ algorithm | upper }} {{ domain }}
command
:
>
/opt/letsencrypt/bin/certbot certonly
--non-interactive
...
...
@@ -23,13 +22,13 @@
--rsa-key-size 4096
{% endif %}
--cert-name {{ cert_name }}
--domain {{ domain
.name
}}
--domain *\.{{ domain
.name
}}
{% for hook in
domain.hooks.deploy | default([])
%}
--domain {{ domain }}
--domain *\.{{ domain }}
{% for hook in
letsencrypt_deploy_hooks
%}
--deploy-hook {{ hook | quote }}
{% endfor %}
{% for hook in
domain.hooks.post | default([])
%}
{% for hook in
letsencrypt_post_hooks
%}
--post-hook {{ hook | quote }}
{% endfor %}
...
...
roles/letsencrypt/tasks/main.yml
View file @
052b5494
...
...
@@ -82,4 +82,3 @@
loop
:
"
{{
letsencrypt_domains
}}"
loop_control
:
loop_var
:
domain
label
:
"
{{
domain.name
}}"
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment