From f0b5a2ad5f9f3159bb0a9cc1099b6585456e7b75 Mon Sep 17 00:00:00 2001 From: Patrick Uiterwijk Date: Thu, 4 Oct 2018 09:01:58 +0200 Subject: [PATCH] Attempt to fix the certbot role for site-000$nr This is a very ugly fix, but it is currently hitting live sites. Signed-off-by: Patrick Uiterwijk --- roles/letsencrypt/tasks/main.yml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml index d4cdffb959..d268f0bebb 100644 --- a/roles/letsencrypt/tasks/main.yml +++ b/roles/letsencrypt/tasks/main.yml @@ -8,10 +8,20 @@ tags: - letsencrypt +# Find the directory to use +- name: Get the directory to use + delegate_to: certgetter01.phx2.fedoraproject.org + # Sometimes we get directories like site-0001, site-0002, etc. We want the latest + shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | awk '{print $1} | sed -e 's/://' | tr -d '\n'" + register: certbot_dir + changed_when: 'false' + tags: + - letsencrypt + # And once we do that, we need to copy some things. - name: Obtain the certificate delegate_to: certgetter01.phx2.fedoraproject.org - command: cat /etc/letsencrypt/live/{{site_name}}/cert.pem + command: cat {{certbot_dir.stdout}}/cert.pem register: certbot_certificate changed_when: 'false' tags: @@ -19,7 +29,7 @@ - name: Obtain the intermediate certificate delegate_to: certgetter01.phx2.fedoraproject.org - command: cat /etc/letsencrypt/live/{{site_name}}/chain.pem + command: cat {{certbot_dir}}/chain.pem register: certbot_chain changed_when: 'false' tags: @@ -27,7 +37,7 @@ - name: Obtain the key delegate_to: certgetter01.phx2.fedoraproject.org - command: cat /etc/letsencrypt/live/{{site_name}}/privkey.pem + command: cat {{certbot_dir}}/privkey.pem register: certbot_key changed_when: 'false' tags: