Merge remote-tracking branch 'origin/master' into HEAD

# Conflicts: # meta/main.yml # tasks/main.yml # vars/Debian-7.yml # vars/RedHat.yml # vars/Ubuntu-14.yml # vars/default.yml
LIP-Computing · Feb 19, 2017 · 081da00 · 081da00
2 parents b8ab74b + e9b1041
commit 081da00
Show file tree

Hide file tree

Showing 7 changed files with 90 additions and 51 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -6,7 +6,7 @@
   letsencrypt_webroot_path: /var/www
   letsencrypt_authenticator: webroot
   letsencrypt_email: "webmaster@{{ ansible_domain }}"
-  letsencrypt_command: "{{ letsencrypt_venv }}/bin/letsencrypt --agree-tos  {% if letsencrypt_rsa_key_size is defined %}--rsa-key-size {{ letsencrypt_rsa_key_size }}{% endif %} --text {% for domain in letsencrypt_cert_domains %}-d {{ domain }} {% endfor %}--email {{ letsencrypt_email }} {% if letsencrypt_server is defined %}--server {{ letsencrypt_server }}{% endif %} --expand"
+  letsencrypt_command: "{{ letsencrypt_venv }}/bin/letsencrypt -n --agree-tos  {% if letsencrypt_rsa_key_size is defined %}--rsa-key-size {{ letsencrypt_rsa_key_size }}{% endif %} --text {% for domain in letsencrypt_cert_domains %}-d {{ domain }} {% endfor %}--email {{ letsencrypt_email }} {% if letsencrypt_server is defined %}--server {{ letsencrypt_server }}{% endif %} --expand"
   letsencrypt_renewal_frequency:
     day: "*"
     hour: 0

diff --git a/meta/main.yml b/meta/main.yml
@@ -14,6 +14,9 @@ galaxy_info:
     - name: Debian
       versions:
         - jessie
+    - name: EL
+      versions:
+        - 7
     - name: CentOS
       versions:
         - 7.2

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,32 +1,37 @@
 ---
   - apt: update_cache=yes cache_valid_time=3600
     become: yes
+    when: ansible_pkg_mgr == "apt"
     tags: install
-    when: ansible_os_family == "Debian"
 
   - include_vars: "{{ item }}"
     with_first_found:
       - "../vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version | int }}.yml"
       - "../vars/{{ ansible_distribution }}.yml"
       - "../vars/{{ ansible_os_family }}.yml"
       - "../vars/default.yml"
+    when: virtualenv_package_name is not defined
     tags: install
 
   - name: Install depends
     package: name={{ item }} state=present
     become: yes
-    with_items: "{{ install_packages }}"
+    with_items: "{{ letsencrypt_depends | default([]) }}"
     tags: install
 
   - name: Install virtualenv
     package: name={{ item }} state=present
     become: yes
-    with_items:
-      - "{{ virtualenv_package_name }}"
+    with_items: "{{ virtualenv_package_name | default([]) }}"
     tags: install
 
   - name: Install python depends
-    pip: virtualenv="{{ letsencrypt_venv }}" virtualenv_site_packages=no name={{ item }} state=latest virtualenv_python=python2
+    pip:
+      virtualenv: "{{ letsencrypt_venv }}"
+      virtualenv_site_packages: no
+      name: "{{ item }}"
+      state: latest
+      virtualenv_python: python2
     become: yes
     with_items:
       - setuptools
@@ -41,12 +46,19 @@
     when: ansible_os_family == "RedHat"
 
   - name: More python depends
-    pip: virtualenv="{{ letsencrypt_venv }}" virtualenv_site_packages=no name=letsencrypt state=latest
+    pip:
+      virtualenv: "{{ letsencrypt_venv }}"
+      virtualenv_site_packages: no
+      name: letsencrypt
+      state: latest
     become: yes
     tags: install
 
   - name: Ensure webroot exists
-    file: path="{{ letsencrypt_webroot_path }}" state=directory follow=yes
+    file:
+      path: "{{ letsencrypt_webroot_path }}"
+      state: directory
+      follow: yes
     become: yes
 
   - name: Attempt to get the certificate using the webroot authenticator
@@ -64,7 +76,11 @@
       creates: "/etc/letsencrypt/live/{{ letsencrypt_cert_domains[0] }}"
 
   - name: Fix the renewal file
-    ini_file: section=renewalparams option={{ item.key }} value={{ item.value }} dest="/etc/letsencrypt/renewal/{{ letsencrypt_cert_domains[0] }}.conf"
+    ini_file:
+      section: renewalparams
+      option: "{{ item.key }}"
+      value: "{{ item.value }}"
+      dest: "/etc/letsencrypt/renewal/{{ letsencrypt_cert_domains[0] }}.conf"
     become: yes
     with_dict:
       os_packages_only: False
@@ -75,10 +91,19 @@
       authenticator: '{{ letsencrypt_authenticator }}'
 
   - name: Fix the webroot map in the renewal file
-    ini_file: section="[webroot_map]" option={{ item }} value={{ letsencrypt_webroot_path }} dest="/etc/letsencrypt/renewal/{{ letsencrypt_cert_domains[0] }}.conf"
+    ini_file:
+      section: "[webroot_map]"
+      option: "{{ item }}"
+      value: "{{ letsencrypt_webroot_path }}"
+      dest: "/etc/letsencrypt/renewal/{{ letsencrypt_cert_domains[0] }}.conf"
     become: yes
     with_items: "{{ letsencrypt_cert_domains }}"
 
   - name: Install renewal cron
     become: yes
-    cron: name="Let's Encrypt Renewal" day="{{ letsencrypt_renewal_frequency.day }}" hour="{{ letsencrypt_renewal_frequency.hour }}" minute="{{ letsencrypt_renewal_frequency.minute }}" job="{{ letsencrypt_venv }}/bin/letsencrypt renew {{ letsencrypt_renewal_command_args }} > /dev/null"
+    cron:
+      name: "Let's Encrypt Renewal"
+      day: "{{ letsencrypt_renewal_frequency.day }}"
+      hour: "{{ letsencrypt_renewal_frequency.hour }}"
+      minute: "{{ letsencrypt_renewal_frequency.minute }}"
+      job: "{{ letsencrypt_venv }}/bin/letsencrypt renew --quiet {{ letsencrypt_renewal_command_args }}"
diff --git a/vars/Debian-7.yml b/vars/Debian-7.yml
@@ -2,15 +2,15 @@
 
 virtualenv_package_name: python-virtualenv
 
-install_packages:
-  - python
-  - python-dev
-  - python-virtualenv
-  - gcc
-  - dialog
-  - libaugeas0
-  - libssl-dev
-  - libffi-dev
-  - ca-certificates
-  - python-pip
-  - git
+letsencrypt_depends:
+      - python
+      - python-dev
+      - python-virtualenv
+      - gcc
+      - dialog
+      - libaugeas0
+      - libssl-dev
+      - libffi-dev
+      - ca-certificates
+      - python-pip
+      - git
diff --git a/vars/RedHat.yml b/vars/RedHat.yml
@@ -1,16 +1,18 @@
 ---
 
-virtualenv_package_name: python-virtualenv
+letsencrypt_depends:
+      - python
+      - python-devel
+      - python-virtualenv
+      - gcc
+      - dialog
+      - augeas-libs
+      - openssl-devel
+      - openssl-libs
+      - libffi
+      - libffi-devel
+      - ca-certificates
+      - python-pip
+      - git
 
-install_packages:
-  - python
-  - python-devel
-  - python-virtualenv
-  - gcc
-  - dialog
-  - augeas-libs
-  - openssl-devel
-  - libffi-devel
-  - ca-certificates
-  - python-pip
-  - git
+virtualenv_package_name: "python-virtualenv"
diff --git a/vars/Ubuntu-14.yml b/vars/Ubuntu-14.yml
@@ -1,16 +1,15 @@
 --- # Ubuntu Trusty
 
 virtualenv_package_name: python-virtualenv
-
-install_packages:
-  - python
-  - python-dev
-  - python-virtualenv
-  - gcc
-  - dialog
-  - libaugeas0
-  - libssl-dev
-  - libffi-dev
-  - ca-certificates
-  - python-pip
-  - git
+letsencrypt_depends:
+      - python
+      - python-dev
+      - python-virtualenv
+      - gcc
+      - dialog
+      - libaugeas0
+      - libssl-dev
+      - libffi-dev
+      - ca-certificates
+      - python-pip
+      - git
diff --git a/vars/default.yml b/vars/default.yml
@@ -1,5 +1,15 @@
 ---
 
 virtualenv_package_name: virtualenv
-
-install_packages: []
+letsencrypt_depends:
+      - python
+      - python-dev
+      - python-virtualenv
+      - gcc
+      - dialog
+      - libaugeas0
+      - libssl-dev
+      - libffi-dev
+      - ca-certificates
+      - python-pip
+      - git