I am currently trying to use the acme_certificate module from Ansible to automatically generate a Let's Encrypt certificate for my servers. Since my service provider doesn't provide a Route53-compatible endpoint, I had to write my own Python script to upload the DNS record including the challenge. Therefore I need to pass the challenge data (to be specific, the challenge string itself) to the Python script, and I don't know how I can nest variables inside the dictionary in order to access the right element. Any ideas how to solve this problem (I tried to use lookup but ended up having even more errors)?
My Playbook:
---
- hosts: localhost
  vars:
    dns_name: sample.com
  tasks:
    - name: submit request
      acme_certificate:
        account_key_src: "{{ tmpdir }}{{ account_key }}"
        account_email: cert@{{ dns_name }}
        src: "{{ tmpdir }}{{ csrname }}"
        fullchain_dest: "{{ tmpdir }}{{ certname }}"
        challenge: dns-01
        acme_directory: https://acme-staging-v02.api.letsencrypt.org/directory
        acme_version: 2
        terms_agreed: yes
        remaining_days: 60
      register: challenge
    - name: publish challenge as TXT record
      shell: "python3 /tmp/publish_dns.py --dns_name {{ dns_name }} {{ challenge.challenge_data['*.{{ dns_name }}']['dns-01'].resource_value }}"
When I run the playbook I get the following error:
TASK [deploy_phishing : publish challenge as TXT record] ***********************
fatal: [server1]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute '*.{{ dns_name }}'\n\nThe error appears to be in '/var/lib/awx/projects/test/roles/generat_cert/tasks/tasks1.yml': line 76, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: publish challenge as TXT record\n ^ here\n"}
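
One way to do the lookup asked about above, shown as an added example that is not part of the original post. It assumes the CSR covers the wildcard name `*.sample.com` (as the key in the question implies) and that `publish_dns.py` takes the challenge string as its last argument; `challenge_key` is a hypothetical variable name.

```yaml
# Added example: replacement for the "publish challenge as TXT record" task.
# Inside {{ ... }} the text is already a Jinja2 expression, so a second
# {{ ... }} nested in a string literal is taken as literal characters.
# Build the key with "~" (string concatenation) or a helper variable instead.
- name: show the challenge entry for the wildcard name
  debug:
    msg: "{{ challenge.challenge_data['*.' ~ dns_name]['dns-01'] }}"
  when: ('*.' ~ dns_name) in (challenge.challenge_data | default({}))

- name: publish challenge as TXT record
  vars:
    # Templated lazily, so this evaluates to "*.sample.com" when used below.
    challenge_key: "*.{{ dns_name }}"
  # "command" with "argv" passes each value as a separate argument, so
  # nothing in the interpolated values is interpreted by a shell.
  command:
    argv:
      - python3
      - /tmp/publish_dns.py
      - --dns_name
      - "{{ dns_name }}"
      - "{{ challenge.challenge_data[challenge_key]['dns-01'].resource_value }}"
  # challenge_data is only returned while a challenge is pending, for example
  # not when the existing certificate is still valid for remaining_days.
  when: challenge_key in (challenge.challenge_data | default({}))
```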