Fixed a lot of small bugs and typos

roles/service-gogs/handlers/main.yml

@@ -6,4 +6,9 @@
 - name: Reload nginx
   service:
     name: nginx
-    state: reloaded
+    state: reloaded
+
+- name: Restart nginx
+  service:
+    name: nginx
+    state: restarted

roles/service-gogs/tasks/gogs.yml

@@ -18,7 +18,7 @@
 
 - name: gogs prereqs
   become: yes
-  apt: name={{item}} state=present update_cache=yes
+  apt: name={{item}} state=present update_cache=yes cache_valid_time=86400
   with_items:
     - openssh-server
     - git
@@ -84,12 +84,14 @@
     dest: /etc/systemd/system/service.gogs
 
 - name: Reload systemd
+  become: yes
   when: gogssystend|changed
   shell: systemctl daemon-reload
   notify:
     - Restart gogs
 
 - name: Ensure gogs service is started and enabled
+  become: yes
   service:
     name: gogs
     state: started

roles/service-gogs/tasks/nginx.yml

@@ -1,4 +1,5 @@
 - name: Ensure nginx configuration is up to date
+  become: yes
   template:
     src: "{{ item.src }}"
     dest: "/etc/nginx/sites-available/{{ item.dest }}"
@@ -9,11 +10,13 @@
       dest: gogs_unsecure.conf
 
 - name: Ensure unsecure nginx configuration is up to date
+  become: yes
   template:
     src: gogs_unsecure.conf.j2
     dest: /etc/nginx/sites-available/gogs_unsecure.conf
 
 - name: Ensure unsecure gogs configuration for nginx is enabled
+  become: yes
   file: 
     state: link
     dest: /etc/nginx/sites-enabled/gogs_unsecure.conf
@@ -21,20 +24,25 @@
   notify: Reload nginx
 
 - name: Ensure nginx is running
+  become: yes
   service:
     name: nginx
     state: started
 
 - stat:
     path: "/var/lib/acme/live/{{ gogs_domain }}/privkey;"
+  become: yes
   register: gogs_key_file_stat
 
 - name: Let acmetool generate a key and a certificate
+  become: yes
   when: not gogs_key_file_stat.stat.exists
   shell: /usr/bin/acmetool want --batch {{ gogs_domain }}
+  notify: Restart nginx
 
 
 - name: Ensure gogs configuration for nginx is enabled
+  become: yes
   file: 
     state: link
     dest: /etc/nginx/sites-enabled/gogs.conf

roles/service-gogs/templates/app.ini.j2

@@ -69,8 +69,8 @@ DISABLE_ROUTER_LOG = false
 ; not forget to export the private key):
 ; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
 ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
-; CERT_FILE = {{ gogs_ssl_cert }}
-; KEY_FILE = {{ gogs_ssl_key }}
+; CERT_FILE = 
+; KEY_FILE = 
 ; Upper level of template and static file path
 ; default is the path where Gogs is executed
 STATIC_ROOT_PATH =
@@ -85,9 +85,9 @@ LANDING_PAGE = home
 ; Either "mysql", "postgres" or "sqlite3", it's your choice
 DB_TYPE = sqlite3
 ; HOST = 127.0.0.1:5432
-; NAME = {{ pg_dbname }}
-; USER = {{ pg_user }}
-; PASSWD = `{{ pg_password }}`
+; NAME = 
+; USER = 
+; PASSWD = ``
 ; For "postgres" only, either "disable", "require" or "verify-full"
 ; SSL_MODE = disable
 PATH = 

roles/service-gogs/templates/gogs_nginx.conf.j2

@@ -3,7 +3,7 @@ server {
   listen          [::]:443 ssl http2 default_server;
   server_name     {{ gogs_domain }};
 
-  include /etc/nginx/ssl.conf
+  include /etc/nginx/ssl.conf;
 
   ssl_certificate /var/lib/acme/live/{{ gogs_domain }}/fullchain;
   ssl_certificate_key /var/lib/acme/live/{{ gogs_domain }}/privkey;

roles/service-nginx/templates/acme_config.j2

@@ -1,6 +1,6 @@
 "acme-enter-email": "{{ nginx_acmetool_account_email }}"
 "acme-agreement:https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf": true
-"acmetool-quickstart-choose-server": https://acme-staging.api.letsencrypt.org/directory
+"acmetool-quickstart-choose-server": https://acme-v01.api.letsencrypt.org/directory
 "acmetool-quickstart-choose-method": redirector
 "acmetool-quickstart-complete": true
 "acmetool-quickstart-install-cronjob": true