From 4b3b89d56073d3f2c0448327c23c675556545d4f Mon Sep 17 00:00:00 2001
From: phil <phil@systemausfall.org>
Date: Tue, 11 Apr 2023 21:38:48 +0200
Subject: [PATCH] Add cron job, update README

---
 README.md            | 18 ++++++++++++++++--
 defaults/main.yml    |  5 +++++
 tasks/dehydrated.yml | 15 +++++++++++++++
 tasks/main.yml       |  6 ++++--
 tasks/packages.yml   |  1 +
 5 files changed, 41 insertions(+), 4 deletions(-)
 create mode 100644 defaults/main.yml

diff --git a/README.md b/README.md
index b864988..60ac892 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,19 @@
 Dehydrated
 ==========
 
-Diese Rolle installiert [dehydrated](https://dehydrated.io/), akzeptiert die TOS und erstellt eine `domains.txt`.
-Sie ist zur Verwendung in anderen playbooks gedacht.
+Setup and configure [Dehydrated](https://dehydrated.io/).
+
+**Feature**
+- Install Dehydrate
+- Accept TOS
+- Create `domains.txt` and domain directory
+- Create cron job for certificate renewal
+
+## Variables
+
+| Name | Default | Descrition |
+|--|--|--|
+| `dehydrated_cron_name` | Dehydrated certificate renewal | Name of the cron job |
+| `dehydrated_cron_hour` | 01 | Hour to run the cron job |
+| `dehydrated_cron_minute` | 08 | Minute to run the cron job |
+| `dehydrated_cron_user` | root | User to create the cron job for |
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..0ead7f9
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+dehydrated_cron_name: Dehydrated certificate renewal
+dehydrated_cron_hour: "01"
+dehydrated_cron_minute: "08"
+dehydrated_cron_user: root
diff --git a/tasks/dehydrated.yml b/tasks/dehydrated.yml
index d204e25..d6c3968 100644
--- a/tasks/dehydrated.yml
+++ b/tasks/dehydrated.yml
@@ -2,8 +2,23 @@
 - name: "Dehydrated | Accept TOS"
   ansible.builtin.command: dehydrated --register --accept-terms
 
+# https://github.com/dehydrated-io/dehydrated/blob/master/docs/domains_txt.md
 - name: "Dehydrated | Create domains.txt"
   ansible.builtin.file:
     path: /etc/dehydrated/domains.txt
     state: touch
     mode: "0644"
+
+- name: "Dehydrated | Create domains directory"
+  ansible.builtin.file:
+    path: /etc/dehydrated/domains.txt.d
+    state: directory
+    mode: "0755"
+
+- name: Dehydrated | Create cron job
+  ansible.builtin.cron:
+    name: "{{ dehydrated_cron_name }}"
+    hour: "{{ dehydrated_cron_hour }}"
+    minute: "{{ dehydrated_cron_minute }}"
+    user: "{{ dehydrated_cron_user }}"
+    job: "chronic dehydrated --cron -g"
diff --git a/tasks/main.yml b/tasks/main.yml
index 9436627..0362ed4 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,6 +1,8 @@
 ---
-- import_tasks: packages.yml
+- name: Install packages
+  ansible.builtin.import_tasks: packages.yml
   tags: packages
 
-- import_tasks: dehydrated.yml
+- name: Configure Dehydrated
+  ansible.builtin.import_tasks: dehydrated.yml
   tags: dehydrated
diff --git a/tasks/packages.yml b/tasks/packages.yml
index 2eefdee..d65baf1 100644
--- a/tasks/packages.yml
+++ b/tasks/packages.yml
@@ -2,4 +2,5 @@
 - name: Packages | Install package
   ansible.builtin.apt:
     pkg:
+      - chronic
       - dehydrated