Good morning. Here’s a bit of a challenge. I’m working on a playbook to get certs from letsencrypt, then put those into zone files. Rather than use the Ansible letsencrypt module, we’ve written a Perl script to get the certs. For each domain that we get certs for, a separate file named -le.txt is created in /etc/ansible/playbooks/files. It looks like this:
I need to extract the certs and put them into the domain’s zone file. This is what the playbook looks like right now, where we currently have to paste in the certs, as can be seen from the two prompts. That’s what I’m trying to further automate:
Hey, Stuart. Yup, use of set_fact was really the key (pardon the pun). Here’s the playbook, which now works perfectly, if it might be useful to anyone else (the debug stuff in it can, of course, be removed):
Ah, I thought I was done with this. But now, running the Perl script failed. I guess the script module only works with bash scripts? So, that’s probably out. Among other things, I tried this, but it didn’t work:
    tasks:
      - name: Run scripts to create Letsencrypt keys
        local_action: ansible.builtin.shell /etc/ansible/playbooks/files/renew_le_domain.pl {{ domain }}
The command "/etc/ansible/playbooks/files/renew_le_domain.pl mydomain.com" appears correct (where "mydomain.com" is an argument that the Perl script expects). The script has to run on the command node, and must generate a file on the command node. When I run “last” on dns1, it looks like the ansible user has tried to connect to it.