ansible-ffibk/roles/service-nginx/templates/ssl_certs.cron.j2

#!/bin/sh

DOMAINS="{{ inventory_hostname_short }}.{{ http_domain_external }}"
LOCAL_DIR="/etc/nginx/ssl"

for DOMAIN in $DOMAINS;
do
 #Get Certs
 rsync --delete -rz -e  'ssh -i /home/admin/.ssh/id_rsa -p 23' cert@{{ acme_server }}.{{ http_domain_internal }}:$DOMAIN/ $LOCAL_DIR/$DOMAIN
  
 #Fix Permissions
 chmod 0550 $LOCAL_DIR/$DOMAIN
 chmod 0440 $LOCAL_DIR/$DOMAIN/*
done

#Fix owners
chown -R www-data:admin $LOCAL_DIR

#restart
systemctl reload nginx.service
Role service-nginx: add tasks to forward ACME HTTP requests and fetch certificates 2018-06-15 09:04:33 +02:00			`#!/bin/sh`

			`DOMAINS="{{ inventory_hostname_short }}.{{ http_domain_external }}"`
			`LOCAL_DIR="/etc/nginx/ssl"`

			`for DOMAIN in $DOMAINS;`
			`do`
			`#Get Certs`
			`rsync --delete -rz -e 'ssh -i /home/admin/.ssh/id_rsa -p 23' cert@{{ acme_server }}.{{ http_domain_internal }}:$DOMAIN/ $LOCAL_DIR/$DOMAIN`

			`#Fix Permissions`
			`chmod 0550 $LOCAL_DIR/$DOMAIN`
			`chmod 0440 $LOCAL_DIR/$DOMAIN/*`
			`done`

			`#Fix owners`
			`chown -R www-data:admin $LOCAL_DIR`

			`#restart`
			`systemctl reload nginx.service`