certgetter: there is only one certgetter in rdu3, not one in every datacenter. Just specify the correct one or proxy playbooks fail for all the proxies in other datacenters
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi
parent
e0e8bd9816
commit
6e16f8eeb6
1 changed files with 6 additions and 6 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
- name: Setup defaults file
|
- name: Setup defaults file
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
ansible.builtin.copy: >
|
ansible.builtin.copy: >
|
||||||
dest=/etc/letsencrypt/cli.ini
|
dest=/etc/letsencrypt/cli.ini
|
||||||
src=cli.ini
|
src=cli.ini
|
||||||
|
|
@ -11,7 +11,7 @@
|
||||||
- letsencrypt
|
- letsencrypt
|
||||||
|
|
||||||
- name: Generate (or renew) the certificate
|
- name: Generate (or renew) the certificate
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
ansible.builtin.command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}}
|
ansible.builtin.command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}}
|
||||||
run_once: true
|
run_once: true
|
||||||
register: certbot_output
|
register: certbot_output
|
||||||
|
|
@ -22,7 +22,7 @@
|
||||||
|
|
||||||
# Find the directory to use
|
# Find the directory to use
|
||||||
- name: Get the directory to use
|
- name: Get the directory to use
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
# Sometimes we get directories like site-0001, site-0002, etc. We want the latest
|
# Sometimes we get directories like site-0001, site-0002, etc. We want the latest
|
||||||
ansible.builtin.shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'"
|
ansible.builtin.shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'"
|
||||||
register: certbot_dir
|
register: certbot_dir
|
||||||
|
|
@ -33,7 +33,7 @@
|
||||||
|
|
||||||
# And once we do that, we need to copy some things.
|
# And once we do that, we need to copy some things.
|
||||||
- name: Obtain the certificate
|
- name: Obtain the certificate
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
ansible.builtin.command: "cat {{certbot_dir.stdout}}/cert.pem"
|
ansible.builtin.command: "cat {{certbot_dir.stdout}}/cert.pem"
|
||||||
register: certbot_certificate
|
register: certbot_certificate
|
||||||
changed_when: 'false'
|
changed_when: 'false'
|
||||||
|
|
@ -42,7 +42,7 @@
|
||||||
- letsencrypt
|
- letsencrypt
|
||||||
|
|
||||||
- name: Obtain the intermediate certificate
|
- name: Obtain the intermediate certificate
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
ansible.builtin.command: cat {{certbot_dir.stdout}}/chain.pem
|
ansible.builtin.command: cat {{certbot_dir.stdout}}/chain.pem
|
||||||
register: certbot_chain
|
register: certbot_chain
|
||||||
changed_when: 'false'
|
changed_when: 'false'
|
||||||
|
|
@ -51,7 +51,7 @@
|
||||||
- letsencrypt
|
- letsencrypt
|
||||||
|
|
||||||
- name: Obtain the key
|
- name: Obtain the key
|
||||||
delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
|
delegate_to: "certgetter01.rdu3.fedoraproject.org"
|
||||||
ansible.builtin.command: cat {{certbot_dir.stdout}}/privkey.pem
|
ansible.builtin.command: cat {{certbot_dir.stdout}}/privkey.pem
|
||||||
register: certbot_key
|
register: certbot_key
|
||||||
changed_when: 'false'
|
changed_when: 'false'
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue