lsa.certbot/templates/certbot-certificates.py.j2

#!/usr/bin/env python3
# filepath: /usr/local/bin/certbot_parse_facts.py

import sys
import yaml

def parse_certbot_output(lines):
    certs = []
    cert = {}
    for line in lines:
        if line.startswith("  Certificate Name:"):
            if cert:
                certs.append(cert)
                cert = {}
            cert["name"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Serial Number:"):
            cert["serial"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Key Type:"):
            cert["key_type"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Domains:"):
            cert["domains"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Expiry Date:"):
            cert["expiry"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Certificate Path:"):
            cert["cert_path"] = line.split(":", 1)[1].strip()
        elif line.strip().startswith("Private Key Path:"):
            cert["key_path"] = line.split(":", 1)[1].strip()
    if cert:
        certs.append(cert)
    return {"certificates": certs}

def sort_certificates_by_name(facts):
    facts["certificates"].sort(key=lambda c: c.get("name", "").lower())

if __name__ == "__main__":
    # Read lines from stdin
    lines = [line.rstrip("\n") for line in sys.stdin]
    facts = parse_certbot_output(lines)
    # Write facts but sorted by certificate name
    sort_certificates_by_name(facts)
    # Output to YAML file for Ansible facts
    with open("/etc/ansible/facts.d/certbot.certificates.yml", "w") as f:
        yaml.dump(facts, f, default_flow_style=False)