feat: add acme.sh role

2025-10-13 23:28:22 +02:00 · 2025-10-13 23:28:22 +02:00 · 2950835407
commit 2950835407
parent 1b2a39518b
4 changed files with 85 additions and 0 deletions
--- a/roles/acme.sh/tasks/main.yaml
+++ b/roles/acme.sh/tasks/main.yaml
@ -0,0 +1,52 @@
+- name: Create acme.sh dir
+  ansible.builtin.file:
+    path: /srv/acme.sh
+    state: directory
+    mode: '0755'
+
+- name: Create certs dir if it doesn't exist
+  ansible.builtin.file:
+    path: /srv/certs
+    state: directory
+    mode: '0755'
+
+- name: Copy over acme.sh.container file
+  ansible.builtin.copy:
+    src: ./files/acme.sh.container
+    dest: /etc/containers/systemd/acme.sh.container
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Copy over acme.sh reload path file
+  ansible.builtin.copy:
+    src: ./acme.sh-reload.path
+    dest: /etc/systemd/system/acme.sh-reload.path
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Copy over acme.sh reload service file
+  ansible.builtin.copy:
+    src: ./acme.sh-reload.service
+    dest: /etc/systemd/system/acme.sh-reload.service
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Run systemctl daemon-reload
+  ansible.builtin.systemd_service:
+    daemon_reload: true
+
+- name: Start acme.sh container
+  ansible.builtin.systemd_service:
+    name: acme.sh.service
+    state: restarted
+
+- name: Start acme.sh reload service
+  ansible.builtin.systemd_service:
+    name: acme.sh-reload.path
+    state: started
+    enabled: true
+
+