feat(deps): switch Cloudflare plugin install to pip

nikolay · nikolay · commit 199d5aef94a7 · 2022-07-31T21:25:43.000-07:00
diff --git a/.ansible-lint b/.ansible-lint
@@ -1,3 +1,3 @@
 ---
-warn_list
+warn_list:
   - yaml[line-length]
diff --git a/.yamllint.yaml b/.yamllint.yaml
@@ -0,0 +1,7 @@
+---
+extends: default
+
+rules:
+  line-length:
+    max: 120
+    level: warning
diff --git a/README.md b/README.md
@@ -23,11 +23,11 @@ Your Cloudflare Global API Key, optionally encrypted `ansible-vault encrypt_stri
       - domains:
           - "*.example3.com"
 
-The wildcard domain to create the cert for. For non-wildcard domains, I recommend using [geerlingguy.certbot](https://github.com/geerlingguy/ansible-role-certbot)
+The wildcard domain to create the cert for. For non-wildcard domains, I recommend using [geerlingguy.certbot](https://github.com/geerlingguy/ansible-role-certbot):
 
     certbot_cloudflare_acme_server: "{{ certbot_cloudflare_acme_test }}"
 
-    or
+or:
 
     certbot_cloudflare_acme_server: "{{ certbot_cloudflare_acme_live }}"
 
@@ -53,12 +53,12 @@ Including an example of how to use your role (for instance, with variables passe
               - "*.example3.com"
 
       roles:
-         - michaelpporter.certbot_cloudflare
+         - nikolay.certbot_cloudflare
 
 ## License
 
 MIT / BSD
 
 ## Author Information
 
-This role was created in 2018 by [Michael Porter](https://www.michaelpporter.com/).
+This role was created in 2018 by [Michael Porter](https://www.michaelpporter.com/), and continued in 2022 by [Nikolay Kolev](https://nikolay.com).
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,17 +1,10 @@
 ---
-# defaults file for certbot-cloudflare
-
-# Email address for Cloudflare Global API Key
+# Email address for Cloudflare API key
 certbot_cloudflare_email: "cloudflare@example.com"
-# Your Global API Key from your account
-# ansible-vault encrypt_string 'cloudflareAPIKey' --name 'certbot_cloudflare_api_key'
+# Your Cloudflare API key
+# ansible-vault encrypt_string 'CLOUDFLARE_API_KEY' --name 'certbot_cloudflare_api_key'
 certbot_cloudflare_api_key: ""
 
-certbot_create_standalone_stop_services: []
-certbot_create_if_missing: true
-
-certbot_dir: /opt/certbot
-
 # Use the ACME v2 staging URI for testing things
 certbot_cloudflare_acme_test: "https://acme-staging-v02.api.letsencrypt.org/directory"
 # Production ACME v2 API endpoint
diff --git a/meta/main.yml b/meta/main.yml
@@ -1,3 +1,4 @@
+---
 galaxy_info:
   role_name: certbot_cloudflare
   author: Michael Porter
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,34 +1,10 @@
 ---
-# tasks file for certbot-cloudflare
-
-- name: Get software for APT repository management
-  ansible.builtin.apt: name={{ item }} state=present
-  with_items:
-    - build-essential
-    - curl
-    - libffi-dev
-    - libssl-dev
-    - python-apt
-    - python-dev
-    - python-pycurl
-
-- name: Check if certbot-dns-cloudflare plugin is installed
-  ansible.builtin.shell: certbot plugins | grep dns-cloudflare
-  register: cf_check
-  ignore_errors: true
-  changed_when: "cf_check is failed"
-
-- name: Install certbot-dns-cloudflare
-  ansible.builtin.shell: "cd {{ certbot_dir }}/certbot-dns-cloudflare && python setup.py install"
-  when: "cf_check is failed"
-
-- name: Create Certbot folder - sudouser
-  ansible.builtin.file:
-    path: /etc/letsencrypt
-    state: directory
-    owner: root
-    group: root
-    mode: 0700
+- name: Install certbot-dns-cloudflare plugin
+  ansible.builtin.include_role:
+    name: geerlingguy.pip
+    vars:
+      pip_install_packages:
+        - name: certbot-dns-cloudflare
 
 - name: Certbot template
   ansible.builtin.template:
@@ -38,9 +14,9 @@
     group: root
     mode: 0600
   with_items:
-    - src: "templates/confcloudflare.ini.j2"
-      dest: "/etc/letsencrypt/dnscloudflare.ini"
-    - src: "templates/letsencrypt_cli.ini.j2"
+    - src: "templates/dns-cloudflare.ini.j2"
+      dest: "/etc/letsencrypt/dns-cloudflare.ini"
+    - src: "templates/certbot-cli.ini.j2"
       dest: "/etc/letsencrypt/cli.ini"
 
 - name: Create certs
diff --git a/templates/certbot-cli.ini.j2 b/templates/certbot-cli.ini.j2
@@ -0,0 +1,2 @@
+dns-cloudflare-credentials = /etc/letsencrypt/dns-cloudflare.ini
+server = {{ certbot_cloudflare_acme_server }}
diff --git a/templates/dns-cloudflare.ini.j2 b/templates/dns-cloudflare.ini.j2
@@ -1,3 +1,2 @@
-# Cloudflare API credentials used by Certbot
 dns_cloudflare_email = {{ certbot_cloudflare_email }}
 dns_cloudflare_api_key = {{ certbot_cloudflare_api_key }}
diff --git a/templates/letsencrypt_cli.ini.j2 b/templates/letsencrypt_cli.ini.j2
diff --git a/vars/main.yml b/vars/main.yml
@@ -1,7 +1,4 @@
 ---
 certbot_create_command: "certbot certonly --noninteractive --dns-cloudflare --agree-tos --email {{ cert_item.email | default(certbot_admin_email) }} -d {{ cert_item.domains | join(',') }}"
 certbot_create_method: standalone
-certbot_install_from_source: true
-certbot_repo: https://github.com/certbot/certbot.git
-certbot_version: master
-certbot_keep_updated: true
+certbot_install_from_source: false

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+---`
`1`	`2`	`galaxy_info:`
`2`	`3`	`role_name: certbot_cloudflare`
`3`	`4`	`author: Michael Porter`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+dns-cloudflare-credentials = /etc/letsencrypt/dns-cloudflare.ini`
	`2`	`+server = {{ certbot_cloudflare_acme_server }}`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,2 @@`
`1`		`-# Cloudflare API credentials used by Certbot`
`2`	`1`	`dns_cloudflare_email = {{ certbot_cloudflare_email }}`
`3`	`2`	`dns_cloudflare_api_key = {{ certbot_cloudflare_api_key }}`