Certbot role
Deploy Let's Encrypt certificates.
Usage
Configure the role.
vars.yml
certbot_image: certbot/certbot
certbot_hostname: cert01
certbot_data_dir: /usr/share/cert # default: "/usr/share/{{ certbot_hostname }}"
certbot_email: info@example.com
certbot_preferred_challenges: "dns" # default: "http"
nginx_image: nginx:1.19.2-alpine
nginx_hostname: nginx01
nginx_data_dir: /usr/share/nginx # default: "/usr/share/{{ nginx_hostname }}"
nginx_proxies: # See nginx role for reference
And include it in your playbook.
- hosts: certbot
roles:
- role: certbot
Docs
For wildcard certificates set certbot_preferred_challenges: http
. This will intentionally fail the certbot challenge and give you a manuall command, which must be executed on the server.