diff --git a/inventory/group_vars/staging b/inventory/group_vars/staging index da81e39c15..00d262c313 100644 --- a/inventory/group_vars/staging +++ b/inventory/group_vars/staging @@ -7,10 +7,10 @@ env_short: stg host_group: staging # This is the wildcard certname for our stg proxies. -wildcard_cert_name: wildcard-2017.stg.fedoraproject.org -wildcard_cert_file: wildcard-2017.stg.fedoraproject.org.cert -wildcard_key_file: wildcard-2017.stg.fedoraproject.org.key -wildcard_int_file: wildcard-2017.stg.fedoraproject.org.intermediate.cert +wildcard_cert_name: wildcard-2020.stg.fedoraproject.org +wildcard_cert_file: wildcard-2020.stg.fedoraproject.org.cert +wildcard_key_file: wildcard-2020.stg.fedoraproject.org.key +wildcard_int_file: wildcard-2020.stg.fedoraproject.org.intermediate.cert # This is the openshift wildcard cert for stg os_wildcard_cert_name: wildcard-2017.app.os.stg.fedoraproject.org diff --git a/playbooks/include/proxies-certificates.yml b/playbooks/include/proxies-certificates.yml index c6704a59e0..15ef452bb3 100644 --- a/playbooks/include/proxies-certificates.yml +++ b/playbooks/include/proxies-certificates.yml @@ -20,12 +20,12 @@ SSLCertificateChainFile: wildcard-2020.fedoraproject.org.intermediate.cert - role: httpd/certificate - certname: wildcard-2017.id.fedoraproject.org - SSLCertificateChainFile: wildcard-2017.id.fedoraproject.org.intermediate.cert + certname: wildcard-2020.id.fedoraproject.org + SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert - role: httpd/certificate - certname: wildcard-2017.stg.fedoraproject.org - SSLCertificateChainFile: wildcard-2017.stg.fedoraproject.org.intermediate.cert + certname: wildcard-2020.stg.fedoraproject.org + SSLCertificateChainFile: wildcard-2020.stg.fedoraproject.org.intermediate.cert when: env == "staging" - role: httpd/certificate diff --git a/playbooks/include/proxies-websites.yml b/playbooks/include/proxies-websites.yml index 6800552011..a18f7a3a3e 100644 --- a/playbooks/include/proxies-websites.yml +++ b/playbooks/include/proxies-websites.yml @@ -724,7 +724,7 @@ site_name: taskotron.stg.fedoraproject.org server_aliases: [taskotron.stg.fedoraproject.org] # Set this explicitly to stg here.. as per the original puppet config. - SSLCertificateChainFile: wildcard-2017.stg.fedoraproject.org.intermediate.cert + SSLCertificateChainFile: wildcard-2020.stg.fedoraproject.org.intermediate.cert sslonly: true cert_name: "{{wildcard_cert_name}}" when: env == "staging" @@ -765,8 +765,8 @@ # Must not be sslonly, because example.id.fedoraproject.org must be reachable # via plain http for openid identity support sslonly: false - cert_name: wildcard-2017.id.fedoraproject.org - SSLCertificateChainFile: wildcard-2017.id.fedoraproject.org.intermediate.cert + cert_name: wildcard-2020.id.fedoraproject.org + SSLCertificateChainFile: wildcard-2020.id.fedoraproject.org.intermediate.cert tags: - id.fedoraproject.org when: env == "production" @@ -779,7 +779,7 @@ # via plain http for openid identity support sslonly: false cert_name: "{{wildcard_cert_name}}" - SSLCertificateChainFile: wildcard-2017.stg.fedoraproject.org.intermediate.cert + SSLCertificateChainFile: wildcard-2020.stg.fedoraproject.org.intermediate.cert tags: - id.fedoraproject.org when: env == "staging" @@ -838,7 +838,7 @@ site_name: beaker.stg.fedoraproject.org server_aliases: [beaker.stg.fedoraproject.org] # Set this explicitly to stg here.. as per the original puppet config. - SSLCertificateChainFile: wildcard-2017.stg.fedoraproject.org.intermediate.cert + SSLCertificateChainFile: wildcard-2020.stg.fedoraproject.org.intermediate.cert sslonly: true cert_name: "{{wildcard_cert_name}}" when: env == "staging"