jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-08-01 14:25:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2024-02-21 16:00

Browse Source
This commit is contained in:
Daniel Berteaud
2024-02-21 16:00:39 +01:00
parent 591a80926b
commit 7d5e3cf033
4 changed files with 5 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
roles/letsencrypt/tasks/main.yml
View File

@@ -12,12 +12,6 @@
package: name={{ letsencrypt_packages }}
tags: web,ssl
- name: Detect openssl version
shell: openssl version | perl -ne 'm/OpenSSL (\d+[^\s\-]+)/ && print "$1\n"'
register: letsencrypt_openssl_version
changed_when: False
tags: web,ssl
- name: Create needed directories
file: path={{ item }} state=directory
with_items:

4
roles/letsencrypt/templates/config.j2
View File

@@ -10,9 +10,7 @@ KEYSIZE="{{ letsencrypt_key_size | default('4096') }}"
HOOK=/usr/{{ (ansible_os_family == 'Debian') | ternary('local/','') }}bin/dehydrated_hooks
RENEW_DAYS="{{ letsencrypt_renew_days | default('30') }}"
PRIVATE_KEY_RENEW="yes"
{% if letsencrypt_preferred_chain is not defined %}
PREFERRED_CHAIN="{{ letsencrypt_openssl_version.stdout is version('1.0.2k', '>=') | ternary('ISRG Root X1','issuer= /C=US/O=Internet Security Research Group/CN=ISRG Root X1') }}"
{% elif letsencrypt_preferred_chain != 'default' %}
{% if letsencrypt_preferred_chain is defined and letsencrypt_preferred_chain != 'default' %}
PREFERRED_CHAIN={{ letsencrypt_preferred_chain | quote }}
{% endif %}
{% if letsencrypt_key_algo | default('rsa') in ['rsa', 'prime256v1', 'secp384r1' ] %}