# acme ~~ roles/acme/tasks/main.yml # acme-client initialization # OPENBSD-ONLY --- - name: ensure acme-client is installed package: name: acme-client state: present - name: generate acme-client configuration template: src: acme-client.conf.j2 dest: /etc/acme-client.conf owner: "{{ user_root }}" group: "{{ group_root }}" mode: 0644 - name: retrieve enabled domains shell: grep "^domain" /etc/acme-client.conf | cut -d " " -f 2 register: subdomains - name: generate acme certificates shell: acme-client -v {{ item }} loop: "{{ subdomains.stdout_lines }}" register: result failed_when: result.rc not in [ 0, 2 ] - name: show acme-client output debug: var: result - name: enable automatic acme certificates update cron: name: "automatic acme certificates update" minute: "0" hour: "6,18" job: "acme-client -v {{ item }}" loop: "{{ subdomains.stdout_lines }}"