From 98deb6b468c52d09c69c699b02ab16791f557beb Mon Sep 17 00:00:00 2001
From: Dmitry Ilvokhin <d@ilvokhin.com>
Date: Thu, 21 Dec 2023 18:08:22 +0000
Subject: Enable certbot for certificates renewal

---
 roles/web/tasks/certbot.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 roles/web/tasks/certbot.yml

(limited to 'roles/web/tasks/certbot.yml')

diff --git a/roles/web/tasks/certbot.yml b/roles/web/tasks/certbot.yml
new file mode 100644
index 0000000..bc0e50e
--- /dev/null
+++ b/roles/web/tasks/certbot.yml
@@ -0,0 +1,27 @@
+- name: Install certbot
+  ansible.builtin.package:
+    name:
+      - certbot
+    state: present
+
+- name: Configure certbot systemd service
+  ansible.builtin.copy:
+    src: roles/web/files/certbot/certbot.service
+    dest: /usr/lib/systemd/system
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+
+- name: Configure certbot systemd timer
+  ansible.builtin.copy:
+    src: roles/web/files/certbot/certbot.timer
+    dest: /usr/lib/systemd/system
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+
+- name: Enable certbot systemd timer
+  ansible.builtin.service:
+    name: certbot.timer
+    enabled: yes
+    state: started
-- 
cgit v1.2.3-70-g09d2