From 83170bbe6b63fd1ccf5e09df3492770c781db0e6 Mon Sep 17 00:00:00 2001 From: Adrien Reslinger Date: Tue, 16 Aug 2022 16:07:26 +0200 Subject: [PATCH] Update ansible code --- defaults/main.yml | 1 - handlers/main.yml | 9 +++++--- meta/main.yml | 18 +++++++++------- tasks/main.yml | 53 +++++++++++++++++++++++++---------------------- vars/RedHat.yml | 1 - 5 files changed, 44 insertions(+), 38 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 62ee96b..fd9cb78 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -2,4 +2,3 @@ certbot_authtype: http certbot_authservice: httpd certbot_certname: '{{ ansible_fqdn }}' - diff --git a/handlers/main.yml b/handlers/main.yml index bbef0cb..07042cd 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,10 @@ --- - name: Restart nginx - service: name=nginx state=restarted + ansible.builtin.service: + name: nginx + state: restarted - name: Restart httpd - service: name=httpd state=restarted - + ansible.builtin.service: + name: httpd + state: restarted diff --git a/meta/main.yml b/meta/main.yml index 2fd6e55..379724b 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -6,11 +6,13 @@ galaxy_info: galaxy_tags: [] license: GPL2 platforms: - - name: CentOS - version: - - 7 - - 8 - - name: RedHat - version: - - 7 - - 8 + - name: CentOS + version: + - 7 + - 8 + - 9 + - name: RedHat + version: + - 7 + - 8 + - 9 diff --git a/tasks/main.yml b/tasks/main.yml index 55a203b..b663da1 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,15 +1,15 @@ --- - name: Include vars for {{ ansible_os_family }} - include_vars: "{{ ansible_os_family }}.yml" + ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" - name: install packages - package: + ansible.builtin.package: name: "{{ certbot_packages }}" state: present - update_cache: yes + update_cache: true - name: Install httpd - include_role: + ansible.builtin.include_role: name: httpd vars: httpd_cerbot: false 
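Review bot: In the first tasks/main.yml hunk, the variable passed to the httpd role is spelled `httpd_cerbot: false`, which looks like a typo for `httpd_certbot`. The httpd role is not visible here, so this is an inference, but if the role reads `httpd_certbot` the misspelt key is silently ignored and the role keeps its default, which may mean configuring a TLS vhost before any certificate exists. Please confirm the name against the role's defaults and, if it is a typo, change the line to `httpd_certbot: false`. The `include_role` task continues past the end of this hunk (its `when:` list is in the next one).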
@@ -20,14 +20,17 @@ - certbot_authservice == "httpd" #- name: install web service packages -# package: name="{{ certbot_webpackages }}" state=latest update_cache=yes +# ansible.builtin.package: +# name: "{{ certbot_webpackages }}" +# state: present +# update_cache: true # notify: Restart httpd # when: # - certbot_authtype == "http" # - certbot_authservice == "httpd" - name: Make the necessary directory - file: + ansible.builtin.file: path: "{{ item }}" state: directory owner: '{{ certbot_webuser }}' @@ -40,7 +43,7 @@ - certbot_authtype == "http" - name: Installation du fichier de verroux - copy: + ansible.builtin.copy: src: "{{ item }}" dest: /var/www/.well-known/acme-challenge/{{ item }} owner: root @@ -52,7 +55,7 @@ - certbot_authtype == "http" - name: Installation de la configuration de la conf httpd - copy: + ansible.builtin.copy: src: httpd_letsencrypt.conf dest: /etc/httpd/conf.d/letsencrypt.conf owner: root @@ -64,7 +67,7 @@ - certbot_authservice == "httpd" - name: Check if httpd is reloaded - service: + ansible.builtin.service: name: httpd state: reloaded when: @@ -73,7 +76,7 @@ - need_reload_httpd is changed - name: Installation de la configuration de la conf nginx - copy: + ansible.builtin.copy: src: nginx_letsencrypt.conf dest: /etc/nginx/site-enabled/ssl_force.conf owner: root @@ -85,7 +88,7 @@ - certbot_authservice == "nginx" - name: Check if nginx is reloaded - service: + ansible.builtin.service: name: nginx state: reloaded when: @@ -94,7 +97,7 @@ - need_reload_nginx|changed #- name: Open Firewalld -# firewalld: +# ansible.posix.firewalld: # service: http # permanent: true # state: enabled @@ -104,7 +107,7 @@ # - ansible_os_family == "RedHat" - name: Installation des script pour le challenge DNS - copy: + ansible.builtin.copy: src: etc/letsencrypt/{{ item }} dest: /etc/letsencrypt/{{ item }} owner: root 
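Review bot: The context line `- need_reload_nginx|changed` at the top of the `@@ -94,7 +97,7 @@` hunk still uses a test as a filter, while the httpd twin a few lines up already reads `need_reload_httpd is changed`. That filter form was removed in Ansible 2.9, so on any release that accepts the new `ansible.builtin.*` names the "Check if nginx is reloaded" task should fail at templating time whenever `certbot_authservice == "nginx"`. Change it to `- need_reload_nginx is changed`. The task's `when:` list starts in the previous hunk, so only its last condition is visible here.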
@@ -117,7 +120,7 @@ - certbot_authtype == "dns" - name: Installation de la configuration pour le chalenge DNS via OVH - template: + ansible.builtin.template: src: etc/letsencrypt/ovh-api-keys.j2 dest: /etc/letsencrypt/ovh-api-keys owner: root @@ -128,7 +131,7 @@ - certbot_authdns_provider == "ovh" - name: Installation de la configuration pour le chalenge DNS via Gandi - template: + ansible.builtin.template: src: etc/letsencrypt/gandi-api-keys.j2 dest: /etc/letsencrypt/gandi-api-keys owner: root @@ -139,12 +142,12 @@ - certbot_authdns_provider == "gandi" - name: Check if certificat already exist - stat: + ansible.builtin.stat: path: /etc/letsencrypt/live/{{ certbot_certname }}/fullchain.pem register: cert - name: Install certbot and generate cert - command: > + ansible.builtin.command: > certbot certonly --noninteractive --agree-tos --manual-public-ip-logging-ok --renew-by-default --text --webroot --webroot-path /var/www/ --email {{ certbot_adminemail }} -d {{ certbot_certname }} @@ -153,7 +156,7 @@ - certbot_authtype == "http" - name: Install certbot and generate cert - command: > + ansible.builtin.command: > certbot certonly --noninteractive --agree-tos --manual-public-ip-logging-ok --renew-by-default --text --manual --manual-auth-hook "/etc/letsencrypt/lexicon-ovh.sh create" --manual-cleanup-hook "/etc/letsencrypt/lexicon-ovh.sh delete" --preferred-challenges dns 
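Review bot: The two template tasks in the `@@ -117,7 +120,7 @@` and `@@ -128,7 +131,7 @@` hunks write DNS-provider API credentials (`/etc/letsencrypt/ovh-api-keys`, `/etc/letsencrypt/gandi-api-keys`), and no `no_log: true` is visible on either. Without it, a run with `--diff` or raised verbosity puts the rendered keys into the controller output and any log that captures it; add `no_log: true` to both tasks. Both hunks stop at `owner: root`, so the `mode:` line is not visible; please confirm it is `'0600'`, since these files let the holder edit DNS records for the zone.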
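Review bot: In the `@@ -139,12 +142,12 @@` hunk the certbot call is a free-form `ansible.builtin.command: >` string with `{{ certbot_adminemail }}` and `{{ certbot_certname }}` interpolated unquoted, so a value containing whitespace is split into extra certbot arguments. Passing the arguments as an `argv:` list keeps each variable as exactly one argument; the same applies to the DNS variant in the next hunk. Separately, `--manual-public-ip-logging-ok` has been deprecated by certbot and, as far as I recall, is rejected by 2.x, which matters now that meta/main.yml lists EL 9; please check it against the packaged version. The task's `when:` block lies outside the hunk.

```yaml
- name: Install certbot and generate cert
  ansible.builtin.command:
    argv:
      - certbot
      - certonly
      - "--noninteractive"
      - "--agree-tos"
      - "--manual-public-ip-logging-ok"
      - "--renew-by-default"
      - "--text"
      - "--webroot"
      - "--webroot-path"
      - /var/www/
      - "--email"
      - "{{ certbot_adminemail }}"
      - "-d"
      - "{{ certbot_certname }}"
  # … unchanged: when conditions …
```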
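Review bot: The DNS variant in the `@@ -153,7 +156,7 @@` hunk hard-codes `/etc/letsencrypt/lexicon-ovh.sh` for both `--manual-auth-hook` and `--manual-cleanup-hook`, although the role also templates Gandi credentials. The conditions visible at the top of the following hunk are only `not cert.stat.exists` and `certbot_authtype == "dns"`, so with `certbot_authdns_provider == "gandi"` this task appears to run the OVH hook without OVH keys. Either add `- certbot_authdns_provider == "ovh"` to this task's `when:` and give Gandi its own task, or derive the hook path from `certbot_authdns_provider`. Both certbot tasks are also named "Install certbot and generate cert"; distinct names (for example "… via HTTP-01" and "… via DNS-01") make run logs and `--start-at-task` unambiguous.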
@@ -162,14 +165,14 @@ - not cert.stat.exists - certbot_authtype == "dns" -#- name: Ensure a cron job to auto-renew the cert exists -# cron: name="daily auto renew cert" -# special_time=daily -# job="certbot renew --webroot --webroot-path /var/www/ --no-self-upgrade --post-hook \"systemctl reload httpd\" --quiet" -# state=present -## when: certbot_auto_renew +# - name: Ensure a cron job to auto-renew the cert exists +# ansible.builtin.cron: name="daily auto renew cert" +# special_time=daily +# job="certbot renew --webroot --webroot-path /var/www/ --no-self-upgrade --post-hook \"systemctl reload httpd\" --quiet" +# state=present +## when: certbot_auto_renew - name: Ensure a cron job to auto-renew the cert exists - cron: + ansible.builtin.cron: name: "daily auto renew cert" special_time: daily job: "certbot renew --quiet" diff --git a/vars/RedHat.yml b/vars/RedHat.yml index a3b2273..d2fdede 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -9,4 +9,3 @@ certbot_webpackages: # - {% if certbot_authservice == 'httpd' %}httpd{% elif certbot_authservice == 'nginx' %}nginx{% endif %} - httpd certbot_webuser: apache -
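Review bot: The active cron task in the `@@ -162,14 +165,14 @@` hunk runs `job: "certbot renew --quiet"` with no hook to reload the web server, while the commented-out predecessor above it carried `--post-hook "systemctl reload httpd"`. Without a reload, httpd or nginx keeps serving the old certificate from memory after a successful renewal until something else restarts it, which tends to surface as an expiry outage. Consider `job: "certbot renew --quiet --deploy-hook 'systemctl reload {{ certbot_authservice }}'"`, assuming `certbot_authservice` is also set for DNS-validated hosts. The commented-out block this commit re-indents still uses `key=value` arguments and could be deleted rather than maintained. The hunk ends on the `job:` line, so any further parameters of the task are not visible.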