|
@@ -55,10 +55,13 @@
|
55
|
55
|
mode: 0755
|
56
|
56
|
|
57
|
57
|
- name: Create live directory for LetsEncrypt cron job
|
58
|
|
- file: state=directory path=/etc/letsencrypt/live group=root owner=root
|
|
58
|
+ file: state=directory path=/etc/letsencrypt/live group=ssl-cert owner=root
|
59
|
59
|
|
60
|
60
|
- name: Get an SSL certificate for {{ virtual_domains | json_query('[*].name') | join(' ') }} from Let's Encrypt
|
61
|
61
|
script: letsencrypt-gencert {{ virtual_domains | json_query('[*].name') | join(' ') }} creates=/etc/letsencrypt/live/{{ domain }}/privkey.pem
|
62
|
62
|
|
63
|
|
-- name: Modify permissions to allow ssl-cert group access
|
64
|
|
- file: path=/etc/letsencrypt/archive owner=root group=ssl-cert mode=0750
|
|
63
|
+- name: Modify permissions to allow ssl-cert group access to archive
|
|
64
|
+ file: path=/etc/letsencrypt/archive owner=root group=ssl-cert mode=0750 recurse=yes
|
|
65
|
+
|
|
66
|
+- name: Modify permissions to allow ssl-cert group access to live
|
|
67
|
+ file: path=/etc/letsencrypt/live owner=root group=ssl-cert mode=0750 recurse=yes
|
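Review bot: `mode=0750 recurse=yes` in the two new "Modify permissions" tasks applies one mode to every file under /etc/letsencrypt/archive and /etc/letsencrypt/live, so each private key ends up group-readable and executable for every member of ssl-cert, rather than only the directories becoming traversable. If group read of the keys is intended, a symbolic mode keeps the execute bit on directories only, for example `mode: 'u=rwX,g=rX,o='` with the task arguments written in block form. The tasks would also benefit from a comment naming which services are expected to be in ssl-cert, since group membership now equals read access to every key in the tree. Files written by a later renewal will presumably carry the ACME client's own ownership and mode until this play runs again, so confirm that the access does not lapse between runs. The file header and the rest of the playbook are outside this hunk.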