{"id":19109980,"url":"https://github.com/coopdevs/certbot_nginx","last_synced_at":"2025-04-30T20:35:21.404Z","repository":{"id":30246151,"uuid":"124378993","full_name":"coopdevs/certbot_nginx","owner":"coopdevs","description":"Ansible role to install certbot with NGINX plugin","archived":false,"fork":false,"pushed_at":"2024-12-13T08:16:08.000Z","size":51,"stargazers_count":17,"open_issues_count":3,"forks_count":13,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-04-19T08:33:21.256Z","etag":null,"topics":["ansible","letsencrypt","nginx","ssl"],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/coopdevs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-03-08T11:00:00.000Z","updated_at":"2024-12-12T17:25:57.000Z","dependencies_parsed_at":"2024-11-09T04:24:46.433Z","dependency_job_id":"83e8a536-b302-4b8d-a8ea-83687cfe0e73","html_url":"https://github.com/coopdevs/certbot_nginx","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coopdevs%2Fcertbot_nginx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coopdevs%2Fcertbot_nginx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coopdevs%2Fcertbot_nginx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/coopdevs%2Fcertbot_nginx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/coopdevs","download_url":"https://codeload.github.com/coopdevs/certbot_nginx/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251778131,"owners_count":21642287,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","letsencrypt","nginx","ssl"],"created_at":"2024-11-09T04:23:07.228Z","updated_at":"2025-04-30T20:35:21.379Z","avatar_url":"https://github.com/coopdevs.png","language":"Jinja","readme":"Certbot NGINX [![Build Status](https://travis-ci.org/coopdevs/certbot_nginx.svg?branch=master)](https://travis-ci.org/coopdevs/certbot_nginx)\n=========\n\nSimple Ansible role to install `certbot` with NGINX plugin on:\n* **Ubuntu 16.04**\n* **Ubuntu 18.04**.\n* **Ubuntu 20.04**.\n* **Ubuntu 22.04**.\n* **Ubuntu 24.04**.\n\nThis role will:\n1. Add `certbot` PPA repository\n2. Install `certbot` and `python-certbot-nginx` packages\n3. `certbot` package will add a `renew` cron job and a systemd-timer ([More info](https://certbot.eff.org/#ubuntuxenial-nginx))\n4. Generate a Let's Encrypt SSL certificates for the given `domain_name`.\n\nWarning\n-------\nIf you already have Nginx installed with a site configured pointing to files in `/etc/letsencrypt` the certificate creation task will fail ([example](https://gitlab.com/coopdevs/odoo-lafeixa-inventory/-/blob/master/inventory/group_vars/all.yml#L37)).\n\nIn general is recommended to execute this role before any other role installing and configuring Nginx.\n\nRole Variables\n--------------\n```yaml\ndomain_name: www.mydomain.io\nletsencrypt_email: myaccount@letsencrypt.org\ncertbot_nginx_cert_name: mycert # optional\ncertbot_version: 0.31.0-1+ubuntu{{ ansible_distribution_version }}.1+certbot+1 # optional\ncertbot_nginx_version: 0.31.0-1+ubuntu{{ ansible_distribution_version }}.1+certbot+1 # optional\n```\n\nif set, `certbot_nginx_cert_name`'s value will be passed to the certbot's `--cert-name` argument, which is used to identify the certificate in certbot command such as `certbot delete`. You will see a list of certificates identified with this name by running `certbot certificates`. This name will also be used as the file paths for the certificate in `/etc/letsencrypt/live/`.\n\nExample Playbook - Single certificate\n-------------------------------------\n\n```yaml\n# Playbook\n- hosts: servers\n  roles:\n    - role: coopdevs.certbot_nginx\n      vars:\n        domain_name: www.mydomain.io\n        letsencrypt_email: myaccount@letsencrypt.org\n```\n\nExample Playbook - Multiple certificates creation\n-------------------------------------------------\n\nAlso allow to generate and manage multiple certificates in the same host.\nYou can define the var `domain_names` and configure a role to incude the this role in a loop.\n\n```yaml\n# Playbook\n- hosts: servers\n  roles:\n    - role: coopdevs.certbot_nginx\n      vars:\n        letsencrypt_email: myaccount@letsencrypt.org\n    - role: certificates\n      vars:\n        domain_names:\n          - community.coopdevs.org\n          - forms.coopdevs.org\n```\n\nCreate a custom role including the `certbot_nginx` role that generates the certificates:\n\n```yaml\n# certificates.yml Role\n---\n- name: Install SSL certificates\n  include_role:\n    name: vendor/coopdevs.certbot_nginx\n    tasks_from: certificate.yml\n  with_items: \"{{ domain_names }}\"\n  loop_control:\n    loop_var: domain_name\n```\n\n\u003e You need to declare the `loop_control` to map the `item` var of the `with_item` loop with the `loop_var` value as `domain_name`. See the [`loop_control` doc](https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html?highlight=loop_control#loop-control)\n\nUpdating Existing Certificates\n-------------------------------\n\nIf the details for your site have changed since the certificate was created, you can update the domains list and the role checks the difference between the domains presents in the certificate and the list of domains provided and choose if need to renew the certificate or not. If you want to force the renewal process, you can do it by defining `certbot_force_update: true` or passing `--extra-vars \"certbot_force_update=true\"` via the commandline.\n\n\nLet's Encrypt Staging Environment\n---------------------------------\n\nThis role includes `letsencrypt_staging` variable which defaults to `no`. For development or debugging purposes, one can set it to `yes`,\nfor example by [Passing Variables On The Command Line](http://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#passing-variables-on-the-command-line) `--extra-vars \"letsencrypt_staging=yes\"`\n\nThis will result in use of [Let's Encrypt Staging Environment](https://letsencrypt.org/docs/staging-environment/) and reducing chance of\nrunning up against rate limits.\n\nLicense\n-------\n\nBSD\n\nAuthor Information\n------------------\n\nCoopdevs http://coopdevs.org\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoopdevs%2Fcertbot_nginx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcoopdevs%2Fcertbot_nginx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcoopdevs%2Fcertbot_nginx/lists"}