6c069918f8a22fe6814766f7f520d25085f6448c — Kridsada Thanabulpong 3 months ago 675eea8
Use periodic.sh for first dehydrated run
1 files changed, 10 insertions(+), 19 deletions(-)

M openbsd-dehydrated/tasks/main.yml
M openbsd-dehydrated/tasks/main.yml => openbsd-dehydrated/tasks/main.yml +10 -19
@@ 111,25 111,6 @@ changed_when: letsencrypt_account_create.rc == 255
    failed_when: letsencrypt_account_create.rc > 0 and letsencrypt_account_create.rc < 255
  
- - name: setup initial letsencrypt certs
-   become: yes
-   become_user: _dehydrated
-   shell: |
-     #!/bin/sh -e
-     /usr/local/bin/dehydrated \
-       --hook /etc/dehydrated/hook.sh \
-       --challenge dns-01 \
-       --cron
-     {% for postcmd in dehydrated_postcmds %}
- 
-     ( # postcmd-{{loop.index}}
-       {{postcmd|trim|indent(2)}}
-     ) || exit 1
-     {% endfor %}
-   environment: "{{dehydrated_lexicon_config}}"
-   register: letsencrypt_initial_cert
-   changed_when: letsencrypt_initial_cert.stdout.find("unchanged_cert") == -1
- 
  
  ## Periodic
  ##


@@ 149,3 130,13 @@ name: dehydrated periodic
      special_time: weekly
      job: /etc/dehydrated/periodic.sh
+ 
+ 
+ ## First run
+ ##
+ 
+ - name: setup initial letsencrypt certs
+   become: yes
+   command: sh /etc/dehydrated/periodic.sh
+   register: letsencrypt_initial_cert
+   changed_when: letsencrypt_initial_cert.stdout.find("unchanged_cert") == -1