Fixes issues:

- Missing variables for dependencies - Update geerlingguy.certbot to 3.0.1 - Add variables foe Acme server - Clean up tasks to reduce redundancy
michaelpporter · Sep 29, 2018 · edfc04b · edfc04b
1 parent 990f8e2
commit edfc04b
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -28,6 +28,14 @@ Your Cloudflare Global API Key, optionally encryped `ansible-vault encrypt_strin
 
 The wildcard domain to create the cert for. For non-wildcard domains I recommend using [geerlingguy.certbot](https://github.com/geerlingguy/ansible-role-certbot)
 
+    certbot_cloudflare_acme_server: "{{ certbot_cloudflare_acme_test }}"
+
+    or 
+
+    certbot_cloudflare_acme_server: "{{ certbot_cloudflare_acme_live }}"
+
+Let's Encrypt server to use, defaults to test.
+
 
 Dependencies
 ------------

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -9,3 +9,12 @@ certbot_cloudflare_api_key: ''
 
 certbot_create_standalone_stop_services: []
 certbot_create_if_missing: yes
+
+certbot_dir:  /opt/certbot
+
+# Use the ACME v2 staging URI for testing things
+certbot_cloudflare_acme_test: "https://acme-staging-v02.api.letsencrypt.org/directory"
+# Production ACME v2 API endpoint
+certbot_cloudflare_acme_live: "https://acme-v02.api.letsencrypt.org/directory"
+
+certbot_cloudflare_acme_server: "{{ certbot_cloudflare_acme_test }}"
diff --git a/meta/main.yml b/meta/main.yml
@@ -24,5 +24,5 @@ galaxy_info:
 dependencies:
     - src: geerlingguy.pip
       version: 1.2.2
-    - src: geerlingguy.certbot
-      version: 3.0.0
+    - { role: geerlingguy.certbot, certbot_certs: [], version: 3.0.1 }
+
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -12,16 +12,6 @@
     - python-dev
     - python-pycurl
 
-- name: Install pip
-  include_role:
-    name: geerlingguy.pip
-
-- name: Install Certbot without Domains.
-  include_role:
-    name: geerlingguy.certbot
-  vars:
-    certbot_certs: []
-
 - name: check if certbot-dns-cloudflare plugin is installed
   shell: certbot plugins | grep dns-cloudflare
   register: cf_check
@@ -31,13 +21,15 @@
 - name: Install certbot-dns-cloudflare
   shell: "cd {{certbot_dir}}/certbot-dns-cloudflare && python setup.py install"
   when: cf_check is failed
+
 - name: Create certbot folder - sudouser
   file:
     path: /etc/letsencrypt
     state: directory
     owner: root
     group: root
     mode: 0700
+
 - name: Certbot Template
   template:
     src: "{{ item.src }}"

diff --git a/templates/letsencrypt_cli.ini.j2 b/templates/letsencrypt_cli.ini.j2
@@ -1,6 +1,3 @@
 # Let's Encrypt site-wide configuration
 dns-cloudflare-credentials = /etc/letsencrypt/dnscloudflare.ini
-# Use the ACME v2 staging URI for testing things
-#server = https://acme-staging-v02.api.letsencrypt.org/directory
-# Production ACME v2 API endpoint
-server = https://acme-v02.api.letsencrypt.org/directory
+server = {{ certbot_cloudflare_acme_server }}