23 lines
666 B
YAML
23 lines
666 B
YAML
# This needs to happen in order. letsencrypt hosts export their TXT
|
|
# authentication records which is installed onto adns1, and then the
|
|
# hosts verify to issue/renew keys
|
|
- hosts: "certcheck:!disabled"
|
|
roles:
|
|
- install-certcheck
|
|
- hosts: "letsencrypt:!disabled"
|
|
name: "Deploy and renew certificates"
|
|
roles:
|
|
- letsencrypt-acme-sh-install
|
|
- letsencrypt-request-certs
|
|
- hosts: "adns-primary:!disabled"
|
|
name: "Install txt records"
|
|
roles:
|
|
- letsencrypt-install-txt-record
|
|
- hosts: "letsencrypt:!disabled"
|
|
name: "Create certs"
|
|
roles:
|
|
- letsencrypt-create-certs
|
|
- hosts: "certcheck:!disabled"
|
|
roles:
|
|
- letsencrypt-config-certcheck
|