Fix Hubs SSL config for letsencrypt

playbooks/hosts/hubs-dev.fedorainfracloud.org.yml

@@ -76,11 +76,3 @@
     - hubs-triage@4
     - hubs-worker@3
     - hubs-worker@4
-
-  - name: install python2-certbot-nginx
-    dnf: name=python2-certbot-nginx state=present
-
-  - name: get the letencrypt cert
-    command: certbot certonly -n --nginx -d {{ ansible_fqdn }}
-    args:
-      creates: /etc/letsencrypt/live/{{ ansible_fqdn }}/privkey.pem

roles/hubs/tasks/webserver.yml

@@ -8,17 +8,6 @@
     - libsemanage-python
 
 
-- name: Generate SSL certificate and key
-  shell:
-    echo -e "--\nSomeState\nSomeCity\nSomeOrganization\nSomeOrganizationalUnit\nlocalhost.localdomain\nroot@localhost.localdomain"
-    | openssl req -utf8 -newkey rsa:2048
-    -keyout /etc/pki/tls/private/localhost.key
-    -nodes -x509 -days 365
-    -out /etc/pki/tls/certs/localhost.crt
-  args:
-    creates: /etc/pki/tls/certs/localhost.crt
-
-
 - name: Gunicorn logging configuration
   copy:
     src: logging.ini
@@ -48,6 +37,17 @@
     - restart nginx
 
 
+- name: install python2-certbot-nginx
+  dnf: name=python2-certbot-nginx state=present
+
+- name: get the letencrypt cert
+  command: certbot certonly -n --nginx -d {{ ansible_fqdn }}
+  args:
+    creates: /etc/letsencrypt/live/{{ ansible_fqdn }}/privkey.pem
+  notify:
+    - restart nginx
+
+
 - name: Nginx proxy configuration
   copy:
     src: "{{ item }}"