mise au point

README.md

@@ -32,6 +32,7 @@ apache_ssl_key: /etc/letsencrypt/live/{{ apache_server_name }}/privkey.pem
 apache_user: {{ apache_server_name | regex_search( '([^.]+)' ) }} }}
 apache_allowoverride: all
 apache_update_conf: true - wether we override existing config file
+apache_ssl_root_email: email used for letsencrypt certificate
 
 Example Playbook
 ----------------

defaults/main.yml

@@ -15,5 +15,5 @@ apache_use_php: true
 apache_use_ssl: true
 apache_use_stats: true
 apache_use_zabbix: true
-apache_user: "{{ apache_server_name | regex_search( '([^.]+)' ) }} }}"
+apache_user: "{{ apache_server_name | regex_search( '([^.]+)' ) }}"
 apache_update_conf: true

tasks/certbot.yml

@@ -24,13 +24,13 @@
 - name: generate certificates for domaine and subdomains
   vars:
     subdomains: "-d {{ apache_server_alias | join( ' -d ' ) }}"
-  command: certbot certonly --agree-tos -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }} {{ subdomains }}
+  command: certbot certonly --agree-tos --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }} {{ subdomains }}
   args:
     creates: "{{ apache_ssl_chain }}"
   when: apache_server_alias is defined
 
 - name: generate certificates
-  command: certbot certonly --agree-tos -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }}
+  command: certbot certonly --agree-tos  --non-interactive -m {{ apache_ssl_root_email }} --webroot --webroot-path {{ apache_document_root }} -d {{ apache_server_name }}
   args:
     creates: "{{ apache_ssl_chain }}"
   when: apache_server_alias is not defined

tasks/main.yml

@@ -10,7 +10,7 @@
     - apache
     home: "{{ apache_base_dir }}"
     shell: /bin/bash
-  when: apache_user_password is not defined
+  when: apache_user_password is not defined and apache_user != 'apache'
 
 - name: create dedicated user - ssh
   tags: wip