zertifikate von letsencrypt kopieren

83a36b6b · Christian Elberfeld · 39499e58 · 83a36b6b
Commit 83a36b6b authored 4 years ago by Christian Elberfeld
--- a/webserver/docker_mail/tasks/main.yaml
+++ b/webserver/docker_mail/tasks/main.yaml
@@ -48,7 +48,46 @@
    version: 7c9e89dce588568c5b528b3b9d0e01f42e485952
    # Current version at 2020-11-04

+    
+- name: "create folder struct for {{ servicename }} 3"
+  file:
+    path: "{{ item }}"
+    state: "directory"
+  with_items:
+  - "{{ basedir }}/{{ gitdir }}/data/assets/ssl/"
+  
+# DH Parameter erzeugen 
+- name: check if DH Params exists 
+  stat:
+    path: "{{ basedir }}/{{ gitdir }}/data/assets/ssl/dhparams.pem"
+  register: dhparams
+
+- name: generate new DH Params 
+  command: "openssl dhparam -out {{ basedir }}/{{ gitdir }}/data/assets/ssl/dhparams.pem 2048"
+  when: dhparams.stat.exists == False 
+
+
+# Copy files from letsencrypt (temp until switch to traefik)
+- name: copy cert.pem from letsencrypt (temp until switch to traefik)
+  copy: 
+    remote_src: yes
+    src:  /etc/letsencrypt/live/mailserver.warpzone.ms/cert.pem
+    dest: "{{ basedir }}/{{ gitdir }}/data/assets/ssl/cert.pem"
+
+- name: copy chain.pem from letsencrypt (temp until switch to traefik)
+  copy: 
+    remote_src: yes
+    src:  /etc/letsencrypt/live/mailserver.warpzone.ms/chain.pem
+    dest: "{{ basedir }}/{{ gitdir }}/data/assets/ssl/chain.pem"
+
+- name: copy key.pem files from letsencrypt (temp until switch to traefik)
+  copy: 
+    remote_src: yes
+    src:  /etc/letsencrypt/live/mailserver.warpzone.ms/privkey.pem
+    dest: "{{ basedir }}/{{ gitdir }}/data/assets/ssl/key.pem"
+

+# Copy config files 
 - name: deploy enviroment file
  template:
    dest:  "{{ basedir }}/{{ gitdir }}/.env"
@@ -69,6 +108,7 @@
  register: config 


+# Start containers 
 - name: "stop {{ servicename }} docker"
  docker_compose:
    project_src: "{{ basedir }}/{{ gitdir }}"