Added letsencrypt_directory as variable in defaults and updated the i…

…nstall.yaml and certificate.ymal
systemli · Apr 5, 2023 · 6c5c188 · 6c5c188
1 parent 957b3fb
commit 6c5c188
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 8 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -32,3 +32,6 @@ letsencrypt_subset_names: True
 
 # Set global extra commandline options for certbot
 letsencrypt_opts_extra: ""
+
+# Set path for letsencrypt directory
+letsencrypt_directory: /etc/letsencrypt
diff --git a/tasks/certificate.yml b/tasks/certificate.yml
@@ -134,7 +134,7 @@
   block:
     - name: get dest of current private key
       file:
-        path: /etc/letsencrypt/live/{{ letsencrypt_cert.name }}/privkey.pem
+        path: "{{ letsencrypt_directory }}/live/{{ letsencrypt_cert.name }}/privkey.pem"
         state: link
       register: privkey
       check_mode: true

diff --git a/tasks/install.yml b/tasks/install.yml
@@ -11,25 +11,25 @@
         owner: root
         group: root
         mode: 0755
-    - name: create directory /etc/letsencrypt/keys
+    - name: create directory {{ letsencrypt_directory }}/keys
       file:
-        dest: /etc/letsencrypt/keys
+        dest: "{{ letsencrypt_directory }}/keys"
         state: directory
         owner: root
         group: root
         mode: 0700
     - name: install certbot DNS challenge nsupdate key
       copy:
         content: "{{ letsencrypt_ddns_key }}"
-        dest: /etc/letsencrypt/keys/ddns_update.key
+        dest: "{{ letsencrypt_directory }}/keys/ddns_update.key"
         owner: root
         group: root
         mode: 0400
       when: letsencrypt_ddns_key|default()
     - name: install certbot DNS challenge nsupdate private key
       copy:
         content: "{{ letsencrypt_ddns_privkey }}"
-        dest: /etc/letsencrypt/keys/ddns_update.private
+        dest: "{{ letsencrypt_directory }}/keys/ddns_update.private"
         owner: root
         group: root
         mode: 0400
@@ -50,8 +50,8 @@
         group: letsencrypt
         mode: 0750
       with_items:
-        - /etc/letsencrypt/archive
-        - /etc/letsencrypt/live
+        - "{{ letsencrypt_directory }}/archive"
+        - "{{ letsencrypt_directory }}/live"
   when: letsencrypt_group
 
 - name: check if letsencrypt_account_email is set
@@ -65,7 +65,7 @@
 
 - name: check if a Let's Encrypt account exists
   stat:
-    path: /etc/letsencrypt/accounts
+    path: "{{ letsencrypt_directory }}/accounts"
   register: letsencrypt_reg_accounts_dir
 
 - name: prepare optional test cert option