From c8ad1174b15a724305b217242272d8ac575c3f7a Mon Sep 17 00:00:00 2001
From: Nahir MOHAMED
Date: Mon, 23 Nov 2020 16:41:23 +0100
Subject: [PATCH] Add capability to enable notification hook
---
 README.md | 33 +++++++++++++++++++++++++++++++++
 defaults/main.yml | 6 ++++++
 tasks/main.yml | 18 ++++++++++++++++++
 3 files changed, 57 insertions(+)
diff --git a/README.md b/README.md
index 878ffc6..35ce0a6 100644
--- a/README.md
+++ b/README.md
@@ -238,6 +238,39 @@ acme_sh_default_issue_renew_hook: ""
 # instead of being created and set for renewal. This will not uninstall acme.sh.
 acme_sh_default_remove: False
+# When set to True, enable notification from Acme.sh cronjob
+# https://github.com/acmesh-official/acme.sh/wiki/notify
+# You should set it back to False when you're done, if you don't want to receive
+# each time you run Ansible, notification should be set once.
+acme_sh_enable_notify: False
+
+# List of notification hooks to call when notifications are enabled
+# Example
+# acme_sh_notify_hooks:
+# - sendgrid
+# - slack
+acme_sh_notify_hooks: []
+
+# What are your the notify ENV vars?
+# The key names to use can be found at:
+# https://github.com/acmesh-official/acme.sh/wiki/notify
+# Just add them as key / value pairs here
+# without the "export ".
+#
+# For example if you were using haproxy as deploy hook you would enter:
+# acme_sh_default_deploy_env_vars:
+# "MAIL_FROM": "xxx@xxx.xx"
+# "MAIL_TO":"yyy@yyy.yy"
+acme_sh_notify_env_var: {}
+
+# Set level of notify command
+# Find meaning of available values here : https://github.com/acmesh-official/acme.sh/wiki/notify
+acme_sh_notify_level: 2
+
+# Set mode of notify command
+# Find meaning of available values here : https://github.com/acmesh-official/acme.sh/wiki/notify
+acme_sh_notify_mode: 0
+
 # This list contains a list of domains, along with key / value pairs to
 # configure each set of domains individually.
 #
diff --git a/defaults/main.yml b/defaults/main.yml
index b530805..6c1e614 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -44,3 +44,9 @@ acme_sh_default_issue_renew_hook: ""
 acme_sh_default_remove: False
 acme_sh_domains: []
+
+acme_sh_enable_notify: False
+acme_sh_notify_hooks: []
+acme_sh_notify_env_var: {}
+acme_sh_notify_level: 2
+acme_sh_notify_mode: 0
diff --git a/tasks/main.yml b/tasks/main.yml
index 9adcd12..a492f08 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -217,6 +217,24 @@
 changed_when: issue_result.results[domains_index].changed or renew_result.results[domains_index].changed
 failed_when: install_cert_result.rc != 0 and "Reload error for" not in install_cert_result.stderr
+- name: Enable acme.sh notification
+ command: >-
+ ./acme.sh --set-notify
+ --notify-level {{ acme_sh_notify_level }}
+ --notify-mode {{ acme_sh_notify_mode }}
+ {% for hook in acme_sh_notify_hooks %} --notify-hook {{ hook }} {% endfor %}
+ args:
+ chdir: "~/.acme.sh"
+ environment: "{{ acme_sh_notify_env_var }}"
+ when:
+ - acme_sh_enable_notify
+ - acme_sh_notify_hooks | length > 0
+ - acme_sh_notify_env_var.keys() | length > 0
+ - not acme_sh_uninstall
+ become_user: "{{ acme_sh_become_user }}"
+ register: acme_notify_result
+ failed_when: acme_notify_result.rc != 0
+
 - name: Register acme.sh certificate information
 command: ./acme.sh --list
 args:
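Review bot: The new `Enable acme.sh notification` task in tasks/main.yml passes `acme_sh_notify_env_var` as its `environment` and registers the command result, but sets no `no_log`; for hooks such as the `slack` and `sendgrid` examples in the README these variables are normally webhook URLs or API keys. Whatever acme.sh prints on stdout or stderr, including the output shown when the task fails, then ends up in Ansible output and callback logs, so I would add `no_log: true` to the task and say in the README that these values belong in Ansible Vault rather than plain vars files. Separately, the hook names are interpolated unquoted into `command:`; no shell is involved, but a value containing whitespace would still be split into extra acme.sh arguments, so `--notify-hook {{ hook | quote }}` is the safer form. The task also has no `changed_when`, so it reports changed on every run while `acme_sh_enable_notify` is set.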