Merge c8ad1174b1 into 76c835e9f7

2021-08-21 12:28:08 +02:00 · 2021-08-21 12:28:08 +02:00 · 06dcfd053a
parent 76c835e9f7 c8ad1174b1
commit 06dcfd053a
3 changed files with 57 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -237,6 +237,39 @@ acme_sh_default_issue_renew_hook: ""
 # instead of being created and set for renewal. This will not uninstall acme.sh.
 acme_sh_default_remove: False

+# When set to True, enable notification from Acme.sh cronjob
+# https://github.com/acmesh-official/acme.sh/wiki/notify
+# You should set it back to False when you're done, if you don't want to receive
+# each time you run Ansible, notification should be set once.
+acme_sh_enable_notify: False
+
+# List of notification hooks to call when notifications are enabled
+# Example
+#     acme_sh_notify_hooks:
+#        - sendgrid
+#        - slack
+acme_sh_notify_hooks: []
+
+# What are your the notify ENV vars?
+# The key names to use can be found at:
+# https://github.com/acmesh-official/acme.sh/wiki/notify
+# Just add them as key / value pairs here
+# without the "export ".
+#
+# For example if you were using haproxy as deploy hook you would enter:
+#    acme_sh_default_deploy_env_vars:
+#       "MAIL_FROM": "xxx@xxx.xx"
+#       "MAIL_TO":"yyy@yyy.yy"
+acme_sh_notify_env_var: {}
+
+# Set level of notify command
+# Find meaning of available values here : https://github.com/acmesh-official/acme.sh/wiki/notify
+acme_sh_notify_level: 2
+
+# Set mode of notify command
+# Find meaning of available values here : https://github.com/acmesh-official/acme.sh/wiki/notify
+acme_sh_notify_mode: 0
+
 # This list contains a list of domains, along with key / value pairs to
 # configure each set of domains individually.
 #
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -44,3 +44,9 @@ acme_sh_default_issue_renew_hook: ""
 acme_sh_default_remove: False

 acme_sh_domains: []
+
+acme_sh_enable_notify: False
+acme_sh_notify_hooks: []
+acme_sh_notify_env_var: {}
+acme_sh_notify_level: 2
+acme_sh_notify_mode: 0
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -218,6 +218,24 @@
  changed_when: issue_result.results[domains_index].changed or renew_result.results[domains_index].changed
  failed_when: install_cert_result.rc != 0 and "Reload error for" not in install_cert_result.stderr

+- name: Enable acme.sh notification
+  command: >-
+    ./acme.sh --set-notify
+    --notify-level {{ acme_sh_notify_level }}
+    --notify-mode {{ acme_sh_notify_mode }}
+    {% for hook in acme_sh_notify_hooks %} --notify-hook {{ hook }} {% endfor %}
+  args:
+    chdir: "~/.acme.sh"
+  environment: "{{ acme_sh_notify_env_var }}"
+  when:
+    - acme_sh_enable_notify
+    - acme_sh_notify_hooks | length > 0
+    - acme_sh_notify_env_var.keys() | length > 0
+    - not acme_sh_uninstall
+  become_user: "{{ acme_sh_become_user }}"
+  register: acme_notify_result
+  failed_when: acme_notify_result.rc != 0
+
 - name: Register acme.sh certificate information
  command: ./acme.sh --list
  args: