journalwatch: allow more TLS errors
[ansible.git] / roles / letsencrypt / tasks / main.yml
1 # dh2048
2 - name: create dh2048 file
3   command: openssl dhparam -out /etc/ssl/dh2048.pem 2048
4   args:
5     creates: "/etc/ssl/dh2048.pem"
6 # lets encrypt tiny
7 - name: clone lets-encrypt-tiny
8   git:
9     dest: /var/lib/letsencrypt/lets-encrypt-tiny
10     repo: 'https://git.ralfj.de/lets-encrypt-tiny.git'
11     version: master
12 - name: obtain certificate
13   command: /var/lib/letsencrypt/lets-encrypt-tiny/letsencrypt-tiny -c /var/lib/letsencrypt/live.conf init
14   args:
15     creates: "/etc/ssl/mycerts/letsencrypt/live.crt"
16 - name: create lets-encrypt-tiny crontab entry
17   cron:
18     name: "lets-encrypt-tiny"
19     hour: "7"
20     minute: "42"
21     job: "/var/lib/letsencrypt/lets-encrypt-tiny/letsencrypt-tiny -c /var/lib/letsencrypt/live.conf -k cron"
22 - name: create certcheck crontab entry
23   cron:
24     name: "certcheck"
25     hour: "9"
26     minute: "42"
27     job: "/var/lib/letsencrypt/lets-encrypt-tiny/certcheck /etc/ssl/mycerts/ -d 14"