From 50cc7317bf9ad59287e7b97d0b9ebe1f3502d342 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Wed, 14 Oct 2020 16:07:41 -0700 Subject: [PATCH] certgetter / staging: drop certgetter01.stg We can just use the main one and not bother with a specific stg one Signed-off-by: Kevin Fenzi --- inventory/inventory | 5 ----- playbooks/groups/certgetter.yml | 4 ++-- roles/letsencrypt/tasks/main.yml | 10 +++++----- 3 files changed, 7 insertions(+), 12 deletions(-) diff --git a/inventory/inventory b/inventory/inventory index 2a15a6925f..745c5e944f 100644 --- a/inventory/inventory +++ b/inventory/inventory @@ -34,9 +34,6 @@ retrace_stg_aws [certgetter] certgetter01.iad2.fedoraproject.org -[certgetter_stg] -certgetter01.stg.iad2.fedoraproject.org - [backup] backup01.iad2.fedoraproject.org @@ -604,7 +601,6 @@ buildvm-x86-03.stg.iad2.fedoraproject.org buildvm-x86-04.stg.iad2.fedoraproject.org buildvm-x86-05.stg.iad2.fedoraproject.org busgateway01.stg.iad2.fedoraproject.org -certgetter01.stg.iad2.fedoraproject.org compose-x86-01.stg.iad2.fedoraproject.org copr-be-dev.aws.fedoraproject.org copr-dist-git-dev.aws.fedoraproject.org @@ -683,7 +679,6 @@ batcave01.iad2.fedoraproject.org bastion01.iad2.fedoraproject.org bastion02.iad2.fedoraproject.org certgetter01.iad2.fedoraproject.org -certgetter01.stg.iad2.fedoraproject.org log01.iad2.fedoraproject.org ns01.iad2.fedoraproject.org ns02.iad2.fedoraproject.org diff --git a/playbooks/groups/certgetter.yml b/playbooks/groups/certgetter.yml index 7ca9fcbf33..857ed3977b 100644 --- a/playbooks/groups/certgetter.yml +++ b/playbooks/groups/certgetter.yml @@ -1,7 +1,7 @@ -- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=certgetter:certgetter_stg" +- import_playbook: "/srv/web/infra/ansible/playbooks/include/virt-create.yml myhosts=certgetter" - name: make the box be real - hosts: certgetter:certgetter_stg + hosts: certgetter user: root gather_facts: True diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml index 1e395d152e..a25597aa94 100644 --- a/roles/letsencrypt/tasks/main.yml +++ b/roles/letsencrypt/tasks/main.yml @@ -1,5 +1,5 @@ - name: Generate (or renew) the certificate - delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" + delegate_to: "certgetter01.iad2.fedoraproject.org" command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}} run_once: true register: certbot_output @@ -10,7 +10,7 @@ # Find the directory to use - name: Get the directory to use - delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" + delegate_to: "certgetter01.iad2.fedoraproject.org" # Sometimes we get directories like site-0001, site-0002, etc. We want the latest shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'" register: certbot_dir @@ -21,7 +21,7 @@ # And once we do that, we need to copy some things. - name: Obtain the certificate - delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" + delegate_to: "certgetter01.iad2.fedoraproject.org" command: "cat {{certbot_dir.stdout}}/cert.pem" register: certbot_certificate changed_when: 'false' @@ -30,7 +30,7 @@ - letsencrypt - name: Obtain the intermediate certificate - delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" + delegate_to: "certgetter01.iad2.fedoraproject.org" command: cat {{certbot_dir.stdout}}/chain.pem register: certbot_chain changed_when: 'false' @@ -39,7 +39,7 @@ - letsencrypt - name: Obtain the key - delegate_to: "certgetter01{{ env_suffix }}.iad2.fedoraproject.org" + delegate_to: "certgetter01.iad2.fedoraproject.org" command: cat {{certbot_dir.stdout}}/privkey.pem register: certbot_key changed_when: 'false'