Skip to content

24367dfa/ansible-role-dehydrated

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

41 Commits
.github/workflows
.github/workflows
 
 
defaults
defaults
 
 
handlers
handlers
 
 
meta
meta
 
 
tasks
tasks
 
 
templates
templates
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Ansible Role: Dehydrated

An Ansible Role that installs dehydrated.

Usage

Minimal configuration

vars:
  dehydrated_contact_email: ""
  dehydrated_domains:
    - name: "example.com"

roles:
  - role: dehydrated

Full example

vars:
  dehydrated_version: "v0.7.0"
  dehydrated_contact_email: ""
  dehydrated_location: "/usr/local/share/dehydrated"
  dehydrated_binary: "/usr/local/bin/dehydrated"
  dehydrated_config_dir: "/usr/local/etc/dehydrated"
  dehydrated_base_dir: "{{ dehydrated_config_dir }}"
  dehydrated_certs_dir: "{{ dehydrated_config_dir }}/certs"
  dehydrated_wellknown_dir: "{{ dehydrated_config_dir }}/challenge"
  dehydrated_force_update: True
  dehydrated_common_hooks:
    deploy_cert_hook: /usr/bin/systemctl reload nginx
  dehydrated_domains:
    - name: example.org
    - name: example.net
    - name: example.com
      alternate_names:
        - www.example.com
        - web.example.com
      deploy_cert_hook:     # empty
      deploy_challenge_hook: printf 'server 127.0.0.1\nupdate add _acme-challenge.%s 300 IN TXT "%s"\nsend\n' "${DOMAIN}" "${TOKEN_VALUE}" | nsupdate -k /var/run/named/session.key
      clean_challenge_hook: printf 'server 127.0.0.1\nupdate delete _acme-challenge.%s TXT "%s"\nsend\n' "${DOMAIN}" "${TOKEN_VALUE}" | nsupdate -k /var/run/named/session.key

roles:
  - role: dehydrated

Migrate from Debian example

If you used the Debian dehydrated package before, you can migrate to this role while keeping your account and cert data. To mimic the directory structure used by Debian, configure the role like this:

dehydrated_contact_email: "acme@example.com"
dehydrated_config_dir: "/etc/dehydrated"
dehydrated_base_dir: "/var/lib/dehydrated"
dehydrated_certs_dir: "{{ dehydrated_base_dir }}/certs"
dehydrated_wellknown_dir: "{{ dehydrated_base_dir }}/acme-challenges"

Upgrade dehydrated with Renovate Bot

Add something like this to your playbook:

vars:
  dehydrated_version: v0.7.1

Then add the following fragment to your renovate.json so renovate can update the version in your playbook. Adapt "managerFilePatterns" to your needs.

      {
        "customType": "regex",
        "managerFilePatterns": [ "/\\.yml$/" ],
        "packageNameTemplate": "dehydrated-io/dehydrated",
        "datasourceTemplate": "github-tags",
        "versioningTemplate": "semver",
        "matchStrings": [ "dehydrated_version: (?<currentValue>.*?)\\s" ]
      }

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases 10

2.5.0 Latest
Dec 15, 2025
+ 9 releases

Packages

 
 
 

Contributors

Languages