Add lego certificate service to ansible

2023-12-20 16:00:03 +01:00 · 2023-12-20 16:00:03 +01:00 · 068a8e2cd7
commit 068a8e2cd7
parent 5246a6b101
13 changed files with 212 additions and 0 deletions
--- a/roles/lego/vars/main.yml
+++ b/roles/lego/vars/main.yml
@ -0,0 +1,31 @@
+---
+lego_svc:
+  name: lego
+
+lego_env:
+  ACME_DNS_API_BASE: https://{{ acme_dns.host }}
+  ACME_DNS_STORAGE_PATH: /config/acme-dns-accounts.json
+
+  LEGO_EMAIL: "{{ admin_email }}"
+  LEGO_PATH: /data
+
+lego_compose:
+  watchtower: false
+  network: false
+  image: goacme/lego
+  volumes:
+    - ./config:/config:ro
+    - "{{ certificates_path }}:/certificates"
+    - data:/data
+  file:
+    services:
+      app:
+        restart: never
+        network_mode: "host"
+        entrypoint:
+          - /lego
+          - --accept-tos
+          - --email={{ admin_email }}
+          - --dns=acme-dns
+    volumes:
+      data: