From 19beb342271ff5c992f9f8981151501eaefde83c Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Thu, 18 Feb 2021 18:28:19 +0100 Subject: [PATCH] [nginx/certbot] Remove obsolete files Signed-off-by: Yohann D'ANELLO --- roles/certbot/tasks/main.yml | 11 ++++++++++- roles/nginx/tasks/main.yml | 17 +++++++++-------- 2 files changed, 19 insertions(+), 9 deletions(-) diff --git a/roles/certbot/tasks/main.yml b/roles/certbot/tasks/main.yml index 812aff2c..91e2fde8 100644 --- a/roles/certbot/tasks/main.yml +++ b/roles/certbot/tasks/main.yml @@ -29,7 +29,7 @@ template: src: "letsencrypt/dhparam.j2" dest: "/etc/letsencrypt/dhparam" - mode: 0644 + mode: 0600 - name: Create /etc/letsencrypt/conf.d file: @@ -46,3 +46,12 @@ - name: Run certbot command: certbot --non-interactive --config /etc/letsencrypt/conf.d/{{ item.certname }}.ini certonly loop: "{{ certbot }}" + +- name: Clean old files + file: + path: "{{ item }}" + state: absent + loop: + - "/etc/letsencrypt/options-ssl-nginx.conf" + - "/etc/letsencrypt/ssl-dhparams.pem" + - "/etc/letsencrypt/rfc2136.ini" diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index c4371062..c43f3a33 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -24,14 +24,6 @@ mode: 0644 loop: "{{ nginx.ssl }}" -- name: Copy dhparam - template: - src: letsencrypt/dhparam.j2 - dest: /etc/letsencrypt/dhparam - owner: root - group: root - mode: 0644 - - name: Disable default site file: dest: "/etc/nginx/sites-enabled/default" @@ -125,3 +117,12 @@ src: update-motd.d/05-service.j2 dest: /etc/update-motd.d/05-nginx mode: 0755 + +- name: Clean old files + file: + path: "{{ item }}" + state: absent + loop: + - "/etc/nginx/snippets/options-ssl.conf" + - "/var/www/custom_401.html" + - "/var/www/robots.txt"