[14706] | 1 | --- |
---|
| 2 | # This ansible-playbook installs letsencrypt certs |
---|
| 3 | # |
---|
| 4 | # What it does: |
---|
| 5 | # - registers LE account |
---|
| 6 | # - requests/creates first-time certificates |
---|
| 7 | # - requests new certs if list of domains changed |
---|
| 8 | ## |
---|
| 9 | # REVIEW/EDIT THE VARS BELOW BEFORE RUNNING! |
---|
| 10 | # ALL DOMAINS MUST BE REGISTERED FOR TARGET HOST IN DNS! |
---|
[16019] | 11 | # WHEN EXPANDING DOMAIN LIST, DO NOT CHANGE FIRST ENTRY! |
---|
[14706] | 12 | # |
---|
| 13 | # It will normally be run like this: |
---|
| 14 | # |
---|
| 15 | # ansible-playbook -b -i h8.waeup.org, letsencrypt.yml |
---|
| 16 | # |
---|
| 17 | - hosts: h8.waeup.org |
---|
| 18 | vars: |
---|
| 19 | letsencrypt_email: 'uli@gnufix.de' |
---|
[16727] | 20 | letsencrypt_domains: 'h8.waeup.org,waeup.org,www.waeup.org,git.waeup.org,svn.waeup.org,trac.waeup.org,aaue-trac.waeup.org,coewarri-trac.waeup.org,dspg-trac.waeup.org,edopoly-trac.waeup.org, fceokene-trac.waeup.org,iuokada-trac.waeup.org,moodle-trac.waeup.org,uniben-trac.waeup.org,v1.waeup.org,v2.waeup.org,v3.waeup.org,v4.waeup.org,v5.waeup.org,v6.waeup.org,v7.waeup.org,v8.waeup.org,elearning.waeup.org,gopinkdreams.com,www.gopinkdreams.com,kofaplus.com,www.kofaplus.com,aauelms.waeup.org,ecns-trac.waeup.org,unidel-trac.waeup.org' |
---|
[14706] | 21 | # set to true if you got some LE certs already, but the list of domains expanded |
---|
[16600] | 22 | # if one or more domains are deleted, a NEW cert will be created instead of a RENEWED. |
---|
[14911] | 23 | letsencrypt_expand_domains: true |
---|
[14706] | 24 | roles: |
---|
| 25 | - letsencrypt |
---|
[16580] | 26 | - hosts: h10.waeup.org |
---|
| 27 | vars: |
---|
| 28 | letsencrypt_email: 'uli@gnufix.de' |
---|
[16581] | 29 | letsencrypt_domains: 'h10.waeup.org,uniben-alumni.waeup.org,uniben-cdl.waeup.org,unibenlms.waeup.org,d2.waeup.org,uniben-moodle.waeup.org,uniben.waeup.org,waeup.uniben.edu' |
---|
[16580] | 30 | # set to true if you got some LE certs already, but the list of domains expanded |
---|
[16600] | 31 | # if one or more domains are deleted, a NEW cert will be created instead of a RENEWED. |
---|
[16580] | 32 | letsencrypt_expand_domains: true |
---|
| 33 | roles: |
---|
| 34 | - letsencrypt |
---|