From ae64628958a10362aa7c65050ca8ff2546220c95 Mon Sep 17 00:00:00 2001 From: Elizabeth Hunt Date: Sun, 7 Jan 2024 00:35:54 -0500 Subject: add mail role! --- roles/private/tasks/main.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'roles/private') diff --git a/roles/private/tasks/main.yml b/roles/private/tasks/main.yml index 5c4eb7e..65f544b 100644 --- a/roles/private/tasks/main.yml +++ b/roles/private/tasks/main.yml @@ -84,12 +84,10 @@ - name: reload nginx to activate sites service: name=nginx state=restarted -- name: add monthly letsencrypt cronjob for cert renewal based on hash of domain name to prevent hitting LE rate limits +- name: add daily letsencrypt cronjob for cert renewal based on hash of domain name to prevent hitting LE rate limits cron: name: "letsencrypt_renewal_{{ item.stdout }}" - day: "{{ '%02d' | format(1 + (item.stdout | hash('md5') | int(0, 16) % 27)) }}" - hour: "{{ (item.stdout | hash('md5') | int(0, 16) % 24 ) }}" - minute: "{{ (item.stdout | hash('md5') | int(0, 16) % 60 ) }}" + special_time: "daily" job: "REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/{{ step_bootstrap_ca_url }}.crt letsencrypt renew --server https://{{ step_bootstrap_ca_url }}:{{ step_ca_port }}/acme/ACME/directory --cert-name {{ item.stdout }} -n --webroot -w /var/www/letsencrypt --agree-tos --email {{ step_acme_cert_contact }} && service nginx reload" loop: "{{ extracted_domains.results }}" when: item.stdout != "" -- cgit v1.2.3-70-g09d2