From ae88d14aeb8b82a54bd03419beb431d44dd91d6b Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Wed, 31 Oct 2018 16:03:43 +0100
Subject: [PATCH] Let's try to get certbot to provide a cert for ci-cc

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
---
 roles/ci_resultsdb/tasks/main.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/roles/ci_resultsdb/tasks/main.yml b/roles/ci_resultsdb/tasks/main.yml
index 82cb85af7d..a4ec13408e 100644
--- a/roles/ci_resultsdb/tasks/main.yml
+++ b/roles/ci_resultsdb/tasks/main.yml
@@ -49,3 +49,27 @@
   service: name={{ item }} enabled=yes state=started
   with_items:
   - fedmsg-hub
+
+- name: letsencrypt cert
+  include_role: name=certbot
+  tags:
+  - config
+  - certbot
+
+- name: Check that cert file exists
+  stat:
+    path: "/etc/letsencrypt/live/resultsdb.ci.centos.org/cert.pem"
+  register: stat_cert
+  tags:
+  - config
+  - certbot
+
+- name: Should admin run certbot?
+  fail:
+    msg: Please see roles/certbot/README step (2) and manually run certbot
+  when:
+    - stat_cert.stat.exists == False
+  tags:
+  - config
+  - certbot
+