From 6e16f8eeb6254aaa4d5e69b0e6f18274e3ae9647 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Fri, 4 Jul 2025 11:07:20 -0700
Subject: [PATCH] certgetter: there is only one certgetter in rdu3, not one in
 every datacenter. Just specify the correct one or proxy playbooks fail for
 all the proxies in other datacenters

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 roles/letsencrypt/tasks/main.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml
index a7473b1b1a..70e479e866 100644
--- a/roles/letsencrypt/tasks/main.yml
+++ b/roles/letsencrypt/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Setup defaults file
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   ansible.builtin.copy: >
     dest=/etc/letsencrypt/cli.ini
     src=cli.ini
@@ -11,7 +11,7 @@
   - letsencrypt
 
 - name: Generate (or renew) the certificate
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   ansible.builtin.command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}}
   run_once: true
   register: certbot_output
@@ -22,7 +22,7 @@
 
 # Find the directory to use
 - name: Get the directory to use
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   # Sometimes we get directories like site-0001, site-0002, etc. We want the latest
   ansible.builtin.shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'"
   register: certbot_dir
@@ -33,7 +33,7 @@
 
 # And once we do that, we need to copy some things.
 - name: Obtain the certificate
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   ansible.builtin.command: "cat {{certbot_dir.stdout}}/cert.pem"
   register: certbot_certificate
   changed_when: 'false'
@@ -42,7 +42,7 @@
   - letsencrypt
 
 - name: Obtain the intermediate certificate
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   ansible.builtin.command: cat {{certbot_dir.stdout}}/chain.pem
   register: certbot_chain
   changed_when: 'false'
@@ -51,7 +51,7 @@
   - letsencrypt
 
 - name: Obtain the key
-  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
+  delegate_to: "certgetter01.rdu3.fedoraproject.org"
   ansible.builtin.command: cat {{certbot_dir.stdout}}/privkey.pem
   register: certbot_key
   changed_when: 'false'