configure certificates even if file exists

2023-08-07 08:59:23 +03:00 · 2023-08-07 08:59:23 +03:00 · 4c8219b554
commit 4c8219b554
parent a64199b9fb
2 changed files with 8 additions and 7 deletions
--- a/tasks/configure_certificates.yml
+++ b/tasks/configure_certificates.yml
@ -13,11 +13,18 @@
  set_fact:
    mail_server_fqdn_ip: "{{ lookup('dig', mail_server_fqdn, '@1.1.1.1') }}"
 - name: Get file certificate stats
  stat:
    path: "/etc/letsencrypt/live/{{ mail_server_fqdn }}"
  register: cert_file
 - name: Ensure server certificate exists
  shell: "certbot certonly --agree-tos --email {{ admin_email }} -n --webroot -d {{ mail_server_fqdn }} --webroot-path /var/www/html"
  args:
    creates: "/etc/letsencrypt/live/{{ mail_server_fqdn }}"
-  when: mail_server_fqdn_ip == node_external_ip
+  when:
    - mail_server_fqdn_ip == node_external_ip
    - not cert_file.stat.exists
 - name: Show check for main mail server
  debug:
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -15,16 +15,10 @@
 - name: Ensure configuration of dbmail
  include_tasks: configure_dbmail.yml
 - name: Get file certificate stats
  stat:
    path: "/etc/letsencrypt/live/{{ mail_server_fqdn }}"
  register: cert_file
 - name: Ensure certificates are configured
  include_tasks: configure_certificates.yml
  when:
    - dbmail_configuration['POP']['tls_port'] > 0 or dbmail_configuration['IMAP']['tls_port'] > 0 or dbmail_configuration['SIEVE']['tls_port'] > 0
    - not cert_file.stat.exists
 - name: Ensure user's are configured in dbmail
  include_tasks: configure_dbmail_users.yml