diff --git a/roles/letsencrypt/defaults/main.yml b/roles/letsencrypt/defaults/main.yml index eae8518..416ca50 100644 --- a/roles/letsencrypt/defaults/main.yml +++ b/roles/letsencrypt/defaults/main.yml @@ -25,4 +25,36 @@ letsencrypt_challenge: http # alt_names: # - directory.domain.com +letsencrypt_base_hooks: + clean_challenge: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + deploy_cert: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + deploy_challenge: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + exit_hook: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + generate_csr: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + invalid_challenge: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + request_failure: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + startup_hook: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + unchanged_cert: | + #!/bin/bash -e + # Managed by ansible, manual modifications will be lost + +letsencrypt_extra_hooks: {} +letsencrypt_hooks: "{{ letsencrypt_base_hooks | combine(letsencrypt_extra_hooks, recursive=True) }}" + ... diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml index d8c3d6f..557f7ea 100644 --- a/roles/letsencrypt/tasks/main.yml +++ b/roles/letsencrypt/tasks/main.yml @@ -45,7 +45,20 @@ - name: Create hook directories file: path=/etc/dehydrated/hooks_{{ item }}.d state=directory - with_items: + loop: + - clean_challenge + - deploy_cert + - deploy_challenge + - unchanged_cert + - invalid_challenge + - request_failure + - generate_csr + - startup_hook + - exit_hook + +- name: Deploy default hooks + copy: content={{ letsencrypt_hooks[item] }} dest=/etc/dehydrated/hooks_{{ item }}.d/00-default mode=755 + loop: - clean_challenge - deploy_cert - deploy_challenge
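Review bot: `letsencrypt_extra_hooks` is added without a comment on its expected shape, and the `recursive=True` in the `letsencrypt_hooks` expression can mislead. The values are plain strings, so an entry in `letsencrypt_extra_hooks` replaces the whole base script, shebang and "Managed by ansible" header included, rather than extending it. Because the tasks file installs these values as executable hook scripts, I would add a comment above the variable such as `# Map of hook name -> complete script body (include the shebang); it replaces the base script and is installed executable, so set it only from trusted inventory.` Separately, the `-e` in `#!/bin/bash -e` only takes effect when the file is executed directly, so a `set -e` line inside each body would be more robust.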
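Review bot: The new `Deploy default hooks` task installs scripts that dehydrated will execute, yet it sets no `owner` or `group`, and the `Create hook directories` task above it sets no `mode`, so ownership and directory permissions are left to the connecting user and its umask. I would write the module arguments in block form with explicit root ownership (assuming dehydrated runs as root here) and a quoted octal mode, and give the directory task the same `owner`, `group` and `mode: "0755"`. The hook names are now listed in two loops and must also match the keys of `letsencrypt_hooks`, otherwise `letsencrypt_hooks[item]` fails at run time. A single list variable shared by both tasks would prevent that drift. The second loop's list continues past the end of the hunk.

```yaml
- name: Deploy default hooks
  copy:
    content: "{{ letsencrypt_hooks[item] }}"
    dest: "/etc/dehydrated/hooks_{{ item }}.d/00-default"
    owner: root
    group: root
    mode: "0755"
  # … unchanged: loop over the hook names …
```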