From 9f4fdacdebb5744985d5634291851a3548a821f3 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 27 Jul 2022 10:13:35 -0700
Subject: [PATCH] proxies / mirrors.centos.org: switch to local letsencrypt ssl
 cert

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
---
 playbooks/include/proxies-websites.yml | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml
index 62e86b151d..81065b6fb8 100644
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@@ -155,11 +155,17 @@
 
   - role: httpd/website
     site_name: mirrors.centos.org
-    server_aliases:
-    - mirrors.stg.centos.org
-    cert_name: "{{mirrors_centos_org_cert_name}}"
-    SSLCertificateChainFile: "mirrors{{env_suffix}}.centos.org.intermediate.cert"
+    sslonly: true
+    certbot: true
     tags: mirrors.centos.org
+    when: env != "staging"
+
+  - role: httpd/website
+    site_name: mirrors.stg.centos.org
+    sslonly: true
+    certbot: true
+    tags: mirrors.stg.centos.org
+    when: env == "staging"
 
   - role: httpd/website
     site_name: src.fedoraproject.org