41 lines
1.1 KiB
YAML
41 lines
1.1 KiB
YAML
---
|
|
- name: Copy the system service
|
|
ansible.builtin.template:
|
|
src: lego@.service.j2
|
|
dest: /etc/systemd/system/lego@.service
|
|
mode: "0644"
|
|
become: true
|
|
- name: Copy the system timer
|
|
ansible.builtin.copy:
|
|
src: lego@.timer
|
|
dest: /etc/systemd/system/lego@.timer
|
|
mode: "0644"
|
|
become: true
|
|
|
|
- name: Get all lego timers
|
|
ansible.builtin.shell:
|
|
executable: /usr/bin/bash
|
|
cmd: "set -o pipefail && systemctl list-timers 'lego@*' --all --output=json | jq -r '.[].unit'"
|
|
register: systemd_timers_result
|
|
changed_when: false
|
|
|
|
- name: Generate systemd timer names
|
|
ansible.builtin.set_fact:
|
|
lego_systemd_timers: "{{ lego_host_certificates | list_prefix_suffix('lego@', '.timer') }}"
|
|
|
|
- name: Disable unused system timers
|
|
ansible.builtin.systemd_service:
|
|
name: "{{ item }}"
|
|
state: stopped
|
|
enabled: false
|
|
loop: "{{ systemd_timers_result.stdout_lines | difference(lego_systemd_timers) }}"
|
|
become: true
|
|
|
|
- name: Enable the system timers
|
|
ansible.builtin.systemd_service:
|
|
name: "{{ item }}"
|
|
state: started
|
|
enabled: true
|
|
daemon_reload: true
|
|
loop: "{{ lego_systemd_timers }}"
|
|
become: true
|