
Commit 9045ec5

authored
Merge pull request #208 from theS1LV3R/master
Allow for certificates to be expanded to include new domains
2 parents 98ea323 + 63638f4 commit 9045ec5


3 files changed

+6
-12
lines changed

3 files changed

+6
-12
lines changed

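--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -14,6 +14,7 @@ certbot_hsts: false
 certbot_create_if_missing: false
 certbot_create_method: standalone
 certbot_admin_email: email@example.com
+certbot_expand: false
 
 # Default webroot, overwritten by individual per-cert webroot directories
 certbot_webroot: /var/www/letsencrypt
@@ -35,6 +36,7 @@ certbot_create_command: >-
 {{ '--test-cert' if certbot_testmode else '' }}
 --noninteractive --agree-tos
 --email {{ cert_item.email | default(certbot_admin_email) }}
+{{ '--expand' if certbot_expand else '' }}
 {{ '--webroot-path ' if certbot_create_method == 'webroot' else '' }}
 {{ cert_item.webroot | default(certbot_webroot) if certbot_create_method == 'webroot' else '' }}
 {{ certbot_create_extra_args }}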
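Review bot: `certbot_expand` is tested as a bare Jinja truth value in the added `{{ '--expand' if certbot_expand else '' }}` line, so a string such as `"false"` passed with `-e certbot_expand=false` is non-empty and would still add `--expand`. Casting it, `{{ '--expand' if certbot_expand | bool else '' }}`, keeps the flag a deliberate opt-in, which matters because `--expand` lets certbot replace an existing certificate with one covering more names. The new default would also benefit from a comment above it, e.g. `# Set to true to pass --expand so an existing certificate can be reissued with additional domains.` The `certbot_create_command` block starts above the second hunk and may continue below it.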

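--- a/tasks/create-cert-standalone.yml
+++ b/tasks/create-cert-standalone.yml
@@ -1,9 +1,4 @@
 ---
-- name: Check if certificate already exists.
-stat:
-path: /etc/letsencrypt/live/{{ cert_item.domains | first | replace('*.', '') }}/cert.pem
-register: letsencrypt_cert
-
 - name: Ensure pre and post hook folders exist.
 file:
 path: /etc/letsencrypt/renewal-hooks/{{ item }}
@@ -39,4 +34,5 @@
 
 - name: Generate new certificate if one doesn't exist.
 command: "{{ certbot_create_command }}"
-when: not letsencrypt_cert.stat.exists
+register: certbot_create
+changed_when: "'no action taken' not in certbot_create.stdout"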
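Review bot: The added `changed_when` keys on the English phrase 'no action taken' in `certbot_create.stdout`, and with the `when: not letsencrypt_cert.stat.exists` guard gone that string match is all that keeps this task idempotent. If the installed certbot words the message differently or writes it to stderr (not verifiable from this page), the task reports changed on every play; matching both streams is more tolerant: `changed_when: "'no action taken' not in (certbot_create.stdout ~ certbot_create.stderr)"`. A comment above the line naming the certbot message it relies on would help whoever has to debug a false 'changed'. The same two lines are added in tasks/create-cert-webroot.yml, and the tasks between the two hunks here are not shown.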

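--- a/tasks/create-cert-webroot.yml
+++ b/tasks/create-cert-webroot.yml
@@ -1,14 +1,10 @@
 ---
-- name: Check if certificate already exists.
-stat:
-path: /etc/letsencrypt/live/{{ cert_item.domains | first }}/cert.pem
-register: letsencrypt_cert
-
 - name: Create webroot directory if it doesn't exist yet
 file:
 path: "{{ cert_item.webroot | default(certbot_webroot) }}"
 state: directory
 
 - name: Generate new certificate if one doesn't exist.
 command: "{{ certbot_create_command }}"
-when: not letsencrypt_cert.stat.exists
+register: certbot_create
+changed_when: "'no action taken' not in certbot_create.stdout"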
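Review bot: The task is still named `Generate new certificate if one doesn't exist.` although the existence check was removed, so certbot is now invoked on every play and decides by itself whether to issue, keep or (with `certbot_expand`) expand. A name such as `- name: Generate or expand certificate (certbot decides whether action is needed).` plus a short comment would make that visible in play output. Because the command is no longer guarded, anything placed in `certbot_create_extra_args` that forces issuance would run on each play and count against the CA's rate limits, which is worth stating in the comment. The identical task in tasks/create-cert-standalone.yml has the same stale name.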
