Make it work with new application token

Signed-off-by: Lucas Maurice <l@effenco.com>
Lucas Maurice 2020-08-14 14:38:23 -04:00
parent adf84b2122
commit 5dd5d1d7d4
2 changed files with 24 additions and 4 deletions


@ -15,6 +15,7 @@ acme_sh_domains:
debug: false
reload_command: service nginx restart
acme_cloudflare_token: xxxx
acme_cloudflare_account_id: xxxx
acme_cloudflare_zone_id: xxxx
# acme_cloudflare_token: xxxx
# acme_cloudflare_account_id: xxxx
# acme_cloudflare_zone_id: xxxx
# acme_cloudflare_email: xxxx
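Review bot: The commented-out credential defaults do not say which variables belong together, although the tasks in this commit pick their path from exactly that: one runs when `acme_cloudflare_account_id` and `acme_cloudflare_zone_id` are defined, the other when `acme_cloudflare_token` and `acme_cloudflare_email` are defined. A comment above the four lines would make this explicit, for example `# Define either account_id + zone_id (with the token) or token + email; if neither pair is set, no certificate is issued.` Because these are live Cloudflare credentials, it is also worth adding `# Supply real values from Ansible Vault or another secret store, not from a committed vars file.`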


@ -39,7 +39,7 @@
- item.remove | default(false)
loop: "{{ acme_sh_domains }}"
- name: Issue acme.sh certificate(s)
- name: Issue acme.sh certificate(s) (old token)
command: >-
./acme.sh --issue -d {{ item.domain }} --dns dns_cf
{{ "--force" if item.force_issue | default(false) or item.force_renew | default(false) else "" }}
@ -53,6 +53,25 @@
- "CF_Zone_ID": "{{ acme_cloudflare_zone_id }}"
when: not item.remove | default(false)
loop: "{{ acme_sh_domains }}"
when: acme_cloudflare_account_id is defined and acme_cloudflare_zone_id is defined
register: issue_result
changed_when: issue_result.rc == 0 and "Cert success" in issue_result.stdout and not item.force_renew | default(false)
failed_when: issue_result.rc != 0 and "Domains not changed" not in issue_result.stdout
- name: Issue acme.sh certificate(s) (token)
command: >-
./acme.sh --issue -d {{ item.domain }} --dns dns_cf
{{ "--force" if item.force_issue | default(false) or item.force_renew | default(false) else "" }}
{{ "--staging" if item.staging | default(false) else "" }}
{{ "--debug" if item.debug | default(false) else "" }}
args:
chdir: "{{ acme_sh_git_clone_dest }}"
environment:
- "CF_Key": "{{ acme_cloudflare_token }}"
- "CF_Email": "{{ acme_cloudflare_email }}"
when: not item.remove | default(false)
loop: "{{ acme_sh_domains }}"
when: acme_cloudflare_token is defined and acme_cloudflare_email is defined
register: issue_result
changed_when: issue_result.rc == 0 and "Cert success" in issue_result.stdout and not item.force_renew | default(false)
failed_when: issue_result.rc != 0 and "Domains not changed" not in issue_result.stdout
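Review bot: Both issue tasks end up with two `when:` keys, the existing `not item.remove | default(false)` guard and the added `is defined` check. Ansible keeps only the last duplicate mapping key, so the remove guard is most likely dropped and domains flagged `remove` would still be issued. Fold them into one condition, e.g. `when: (not item.remove | default(false)) and acme_cloudflare_token is defined and acme_cloudflare_email is defined`, and do the same for the account_id/zone_id task, whose start lies outside the second hunk. Separately, in acme.sh's dns_cf hook `CF_Key` with `CF_Email` is, as far as I know, the account-wide global API key, while `CF_Zone_ID` belongs to the scoped API-token form. The "(old token)" and "(token)" labels therefore look reversed and the new task hands acme.sh the broader credential, so please confirm this and prefer a token limited to DNS edits on the zone. Both tasks also register `issue_result`, so a skipped second task overwrites the first task's result for any later consumer.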