Merge pull request #15 from minrk/letsencrypt-repetitive

only run letsencrypt if needed
jupyterhub · Jun 7, 2016 · afed982 · afed982
2 parents 05e2f0a + 41dfd1d
commit afed982
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
@@ -16,18 +16,21 @@
   become: true
   when: use_letsencrypt
 
+- stat: path=/etc/letsencrypt/live/{{inventory_hostname}}/cert.pem
+  register: letsencrypt_cert
+
 - name: clone or update the latest letsencrypt repo
-  git: repo=https://github.com/letsencrypt/letsencrypt.git dest=/tmp/letsencrypt
+  git: repo=https://github.com/letsencrypt/letsencrypt.git dest=/tmp/letsencrypt force=yes
   become: true
-  when: use_letsencrypt
+  when: use_letsencrypt and letsencrypt_cert.stat.exists == False
 
 - name: run letsencrypt to generate SSL certs
   command: ./letsencrypt-auto certonly --standalone --agree-tos -m {{letsencrypt_email}} -d {{inventory_hostname}}
   args:
     chdir: /tmp/letsencrypt
     creates: /etc/letsencrypt/live/{{inventory_hostname}}/
   become: true
-  when: use_letsencrypt
+  when: use_letsencrypt and letsencrypt_cert.stat.exists == False
 
 # ---------------------------------------------------
 # Or, install existing SSL cert/key