Update to 2020-10-05 15:00

roles/letsencrypt/tasks/main.yml

@@ -6,6 +6,7 @@
       - dehydrated
       - python2-dns-lexicon
   when: ansible_os_family == 'RedHat'
+  tags: web,ssl
 
 - name: Install dependencies
   apt:
@@ -14,6 +15,7 @@
       - python-setuptools
       - curl
   when: ansible_os_family == 'Debian'
+  tags: web,ssl
 
 - name: Create needed directories
   file: path={{ item }} state=directory
@@ -21,6 +23,7 @@
     - /etc/dehydrated
     - /var/lib/dehydrated/certificates
     - /var/lib/dehydrated/challenges
+  tags: web,ssl
 
 - name: Install dehydrated
   get_url:
@@ -36,12 +39,14 @@
     - url: https://git.fws.fr/fws/dehydrated/raw/branch/master/dehydrated_hooks
       dest: /usr/local/bin/dehydrated_hooks
   when: ansible_os_family == 'Debian'
+  tags: web,ssl
 
 - name: Install lexicon
   pip: name=dns-lexicon state=latest
   environment:
     - https_proxy: "{{ system_proxy | default('') }}"
   when: ansible_os_family == 'Debian'
+  tags: web,ssl
 
 - name: Create hook directories
   file: path=/etc/dehydrated/hooks_{{ item }}.d state=directory
@@ -55,6 +60,7 @@
     - generate_csr
     - startup_hook
     - exit_hook
+  tags: web,ssl
 
 - name: Deploy default hooks
   copy: content={{ letsencrypt_hooks[item] }} dest=/etc/dehydrated/hooks_{{ item }}.d/00-default mode=755
@@ -68,12 +74,14 @@
     - generate_csr
     - startup_hook
     - exit_hook
+  tags: web,ssl
 
 - name: Remove obsolete gandi_live backend # merged with gandi now
   file: path=/usr/lib/python2.7/site-packages/lexicon/providers/{{ item }} state=absent
   loop:
     - gandi_live.py
     - gandi_live.pyc
+  tags: web,ssl
 
 - name: Deploy lexicon hooks
   template: src=dns-lexicon-{{ item }}.j2 dest=/etc/dehydrated/hooks_{{ item }}.d/dns-lexicon mode=755
@@ -84,6 +92,7 @@
     - letsencrypt_challenge == 'dns'
     - letsencrypt_dns_provider is defined
     - letsencrypt_dns_auth_token is defined
+  tags: web,ssl
 
 - name: Remove lexicon hooks
   file: path=/etc/dehydrated/hooks_{{ item }}.d/dns-lexicon state=absent
@@ -91,6 +100,7 @@
     - deploy_challenge
     - clean_challenge
   when: letsencrypt_challenge != 'dns' or letsencrypt_dns_provider is not defined or letsencrypt_dns_auth_token is not defined
+  tags: web,ssl
 
 - name: Deploy dehydrated configuration
   template: src={{ item.src }} dest={{item.dest }} mode={{ item.mode | default('644') }}
@@ -104,10 +114,12 @@
       dest: /etc/cron.daily/dehydrated
       mode: 755
   notify: renew dehydrated
+  tags: web,ssl
 
 - name: Create httpd conf dir
   file: path=/etc/httpd/ansible_conf.d state=directory
   when: ansible_os_family == 'RedHat'
+  tags: web,ssl
 
 - name: Deploy dehydrated config for apache
   copy: src={{ item.src }} dest={{ item.dest }}
@@ -118,11 +130,13 @@
       dest: /etc/httpd/ansible_conf.d/common_letsencrypt.inc
   register: letsencrypt_httpd_conf
   when: ansible_os_family == 'RedHat'
+  tags: web,ssl
 
 - name: Check if Apache httpd is installed
   stat: path=/lib/systemd/system/httpd.service
   register: letsencrypt_httpd
   when: ansible_os_family == 'RedHat'
+  tags: web,ssl
 
 - name: Reload httpd config
   command: /bin/systemctl condreload httpd
@@ -130,11 +144,13 @@
     - letsencrypt_httpd_conf.changed
     - letsencrypt_httpd.stat.exists
     - ansible_os_family == 'RedHat'
+  tags: web,ssl
 
 - name: Register on Let's Encrypt
   command: dehydrated --register --accept-terms
   changed_when: False
   environment:
     - https_proxy: "{{ system_proxy | default('') }}"
+  tags: web,ssl
 
 ...