hetzner.hcloud.hcloud_certificate – Create and manage certificates on the Hetzner Cloud.

Note

This plugin is part of the hetzner.hcloud collection (version 1.4.2).

To install it use: ansible-galaxy collection install hetzner.hcloud.

To use it in a playbook, specify: hetzner.hcloud.hcloud_certificate.

Synopsis

  • Create, update and manage certificates on the Hetzner Cloud.

Requirements

The below requirements are needed on the host that executes this module.

  • hcloud-python >= 1.0.0

Parameters

Parameter Choices/Defaults Comments
api_token
string / required
This is the API Token for the Hetzner Cloud.
certificate
string
Certificate and chain in PEM format, in order so that each record directly certifies the one preceding.
Required if certificate does not exists.
domain_names
list / elements=string
Certificate key in PEM format.
Required if certificate does not exists.
endpoint
string
Default:
"https://api.hetzner.cloud/v1"
This is the API Endpoint for the Hetzner Cloud.
id
integer
The ID of the Hetzner Cloud certificate to manage.
Only required if no certificate name is given
labels
dictionary
User-defined labels (key-value pairs)
name
string
The Name of the Hetzner Cloud certificate to manage.
Only required if no certificate id is given or a certificate does not exists.
private_key
string
Certificate key in PEM format.
Required if certificate does not exists.
state
string
    Choices:
  • absent
  • present ←
State of the certificate.
type
string
    Choices:
  • uploaded ←
  • managed
Choose between uploading a Certificate in PEM format or requesting a managed Let's Encrypt Certificate.

See Also

See also

Documentation for Hetzner Cloud API

Complete reference for the Hetzner Cloud API.

Examples

- name: Create a basic certificate
  hcloud_certificate:
    name: my-certificate
    certificate: "ssh-rsa AAAjjk76kgf...Xt"
    private_key: "ssh-rsa AAAjjk76kgf...Xt"
    state: present

- name: Create a certificate with labels
  hcloud_certificate:
    name: my-certificate
    certificate: "ssh-rsa AAAjjk76kgf...Xt"
    private_key: "ssh-rsa AAAjjk76kgf...Xt"
    labels:
        key: value
        mylabel: 123
    state: present

- name: Ensure the certificate is absent (remove if needed)
  hcloud_certificate:
    name: my-certificate
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
hcloud_certificate
complex
Always
The certificate instance
 
certificate
string
always
Certificate and chain in PEM format

Sample:
-----BEGIN CERTIFICATE-----...
 
domain_names
dictionary
always
List of Domains and Subdomains covered by the Certificate
 
fingerprint
string
always
Fingerprint of the certificate

Sample:
03:c7:55:9b:2a:d1:04:17:09:f6:d0:7f:18:34:63:d4:3e:5f
 
id
integer
always
Numeric identifier of the certificate

Sample:
1937415
 
labels
dictionary
always
User-defined labels (key-value pairs)
 
name
string
always
Name of the certificate

Sample:
my website cert
 
not_valid_after
string
always
Point in time when the Certificate stops being valid (in ISO-8601 format)
 
not_valid_before
string
always
Point in time when the Certificate becomes valid (in ISO-8601 format)


Authors

  • Lukas Kaemmerling (@lkaemmerling)