/ansible-acmetool

Ansible role for acmetool

Primary LanguagePythonBSD 2-Clause "Simplified" LicenseBSD-2-Clause

Build Status Role Name

This role installs and configures the acmetool on a Debian/Ubuntu server.

Requirements

  • OS: Ubuntu 14.04/16.04/18.04

Role Variables

Default Variables

acmetool_rootless: False

optional, install acmetool as non-root user

acmetool_user: "acme"

no-root username

acmetool_email: ""

optional, let's encypt emails

acmetool_agreement: True

required, accept terms

acmetool_server: "https://acme-v01.api.letsencrypt.org/directory"

required

acmetool_method: "proxy"

required, options: webroot, proxy, stateless, redirector refere to acmetool

acmetool_webroot_path: ""

required when acmetool_method is webroot

acmetool_quickstart_complete: True

acmetool_install_systemd_timer: False

optional, install systemd timer for autorenewal

acmetool_install_cronjob: False

optinal, install cronjob for autorenewal

acmetool_install_haproxy_script: False

optional

acmetool_install_redirector_systemd: True

optional

acmetool_key_type: "rsa"

required, options: rsa, ecdsa

acmetool_rsa_key_size: 4096

required, 2048 - 4096 bytes

acmetool_ecdsa_curve: "nistp256"

required, options: nistp256 (recommended), nistp384, nistp521 (limited support)

Limitations

  • The acmetool method redirector currently is only supported when acmetool is installed as root.
  • Either Cronjob or Systemd Timer can be used, but not both at the time.

Example Playbook

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

- hosts: servers
  roles:
    - { role: ansible-acmetool, become: yes }
  vars:
    - acmetool_email: "test@example.com"
    - acmetool_method: "proxy"

License

BSD

Author Information

Jonas Reindl