|
@@ -9,7 +9,7 @@
|
9
|
9
|
group: name=znc state=present
|
10
|
10
|
|
11
|
11
|
- name: Create znc user
|
12
|
|
- user: name=znc state=present home=/var/lib/znc system=yes group=znc shell=/usr/sbin/nologin
|
|
12
|
+ user: name=znc state=present home=/usr/lib/znc system=yes group=znc shell=/usr/sbin/nologin
|
13
|
13
|
|
14
|
14
|
- name: Ensure pid directory exists
|
15
|
15
|
file: state=directory path=/var/run/znc group=znc owner=znc
|
|
@@ -17,9 +17,11 @@
|
17
|
17
|
- name: Copy znc service file into place
|
18
|
18
|
copy: src=etc_systemd_system_znc.service dest=/etc/systemd/system/znc.service mode=0644
|
19
|
19
|
|
20
|
|
-- name: Create a combined version of the private key with public cert and intermediate + root CAs
|
21
|
|
- shell: cat /etc/ssl/private/wildcard_private.key /etc/ssl/certs/wildcard_combined.pem >
|
22
|
|
- /usr/lib/znc/znc.pem creates=/usr/lib/znc/znc.pem
|
|
20
|
+- name: Create a combined version of the SSL private key and full certificate chain
|
|
21
|
+ shell: cat /etc/letsencrypt/live/{{ domain }}/privkey.pem
|
|
22
|
+ /etc/letsencrypt/live/{{ domain }}/fullchain.pem >
|
|
23
|
+ /usr/lib/znc/znc.pem
|
|
24
|
+ creates=/usr/lib/znc/znc.pem
|
23
|
25
|
notify: restart znc
|
24
|
26
|
|
25
|
27
|
- name: Ensure znc user and group can read cert
|