Compare commits
3 commits
a70180ad3b
...
801c42a2c3
Author | SHA1 | Date | |
---|---|---|---|
Dryusdan | 801c42a2c3 | ||
Dryusdan | 8d7b9407b2 | ||
Dryusdan | 433dc49665 |
|
@ -3,9 +3,11 @@
|
|||
- name: Process
|
||||
debug:
|
||||
var: certs['path']
|
||||
verbosity: 2
|
||||
tags:
|
||||
- configuration
|
||||
- config
|
||||
- froxlor
|
||||
|
||||
- name: Check if a certificate is currently still valid, ignoring failures
|
||||
openssl_certificate_info:
|
||||
|
@ -17,12 +19,12 @@
|
|||
tags:
|
||||
- configuration
|
||||
- config
|
||||
- froxlor
|
||||
|
||||
- name: "Copy only if certs is ok"
|
||||
ansible.builtin.shell: "cat {{ certs['path'] }}/fullchain.pem {{ certs['path'] }}/privkey.pem > /etc/haproxy/certs/{{ certs['path'] | basename }}.pem"
|
||||
when: validity_check.valid_at.day
|
||||
notify:
|
||||
- Reload HAProxy
|
||||
tags:
|
||||
- configuration
|
||||
- config
|
||||
- froxlor
|
||||
|
|
95
tasks/froxlor_hosts.yml
Normal file
95
tasks/froxlor_hosts.yml
Normal file
|
@ -0,0 +1,95 @@
|
|||
---
|
||||
- name: "Get all domains"
|
||||
ansible.builtin.uri:
|
||||
url: "{{ froxlor_url }}/api.php"
|
||||
method: "POST"
|
||||
headers:
|
||||
Content-Type: "application/json"
|
||||
Authorization: "Basic {{ froxlor_token }}"
|
||||
body: '{"command":"SubDomains.listing"}'
|
||||
status_code: 200
|
||||
body_format: "json"
|
||||
register: froxlor_domains
|
||||
delegate_to: localhost
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- debug:
|
||||
var: froxlor_domains["json"]["data"]
|
||||
verbosity: 2
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Create a domain list
|
||||
set_fact:
|
||||
domains: []
|
||||
delegate_to: localhost
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: Append domain in domain list
|
||||
set_fact:
|
||||
domains: "{{ domains + [item['domain']] }}"
|
||||
delegate_to: localhost
|
||||
loop: "{{ froxlor_domains['json']['data']['list'] }}"
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor == True
|
||||
- item["documentroot"] != "/var/www/html/"
|
||||
tags:
|
||||
- froxlor
|
||||
|
||||
- name: "Make a list"
|
||||
ansible.builtin.template:
|
||||
src: etc/haproxy/froxlor.j2
|
||||
dest: /etc/haproxy/froxlor.txt
|
||||
tags:
|
||||
- froxlor
|
||||
notify:
|
||||
- Reload HAProxy
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
|
||||
- name: "Generate let's encrypt certificate"
|
||||
ansible.builtin.shell: "certbot certonly --non-interactive --standalone --http-01-port 63443 --email {{ hap_letsencrypt_email }} --agree-tos {% for domain in item.acl_domain %} -d {{ item }} {% endfor %} --expand --key-type ecdsa --elliptic-curve secp384r1;"
|
||||
loop: "{{ domains }}"
|
||||
when:
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
|
||||
- name: "Find all certs directory"
|
||||
ansible.builtin.find:
|
||||
paths: /etc/letsencrypt/live
|
||||
recurse: no
|
||||
file_type: directory
|
||||
register: find_certs
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
|
||||
- name: "Copy certificate for HAProxy"
|
||||
include_tasks: copy_certs.yml
|
||||
loop: "{{ find_certs['files'] }}"
|
||||
loop_control:
|
||||
loop_var: certs
|
||||
tags:
|
||||
- froxlor
|
||||
when:
|
||||
- use_froxlor is defined
|
||||
- use_froxlor
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
---
|
||||
- name: "Generate let's encrypt certificate"
|
||||
ansible.builtin.shell: "certbot certonly --non-interactive --standalone --http-01-port 63443 --email {{ nginx_letsencrypt_email }} --agree-tos {% for domain in item.acl_domain %} -d {{ domain }} {% endfor %} --expand --key-type ecdsa --elliptic-curve secp384r1;"
|
||||
ansible.builtin.shell: "certbot certonly --non-interactive --standalone --http-01-port 63443 --email {{ hap_letsencrypt_email }} --agree-tos {% for domain in item.acl_domain %} -d {{ domain }} {% endfor %} --expand --key-type ecdsa --elliptic-curve secp384r1;"
|
||||
loop: "{{ frontend.use_backends }}"
|
||||
when:
|
||||
- item.acl_domain is defined
|
||||
|
|
3
templates/etc/haproxy/froxlor.j2
Normal file
3
templates/etc/haproxy/froxlor.j2
Normal file
|
@ -0,0 +1,3 @@
|
|||
{% for domain in domains %}
|
||||
{{ domain }}
|
||||
{% endfor %}
|
Loading…
Reference in a new issue