Commit graph

34 commits

Author SHA1 Message Date
3c41882bb0 ansiblelint fixes - fqcn[action-core] - shell to ansible.builtin.shell
Replaces references to shell: with ansible.builtin.shell

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-15 11:29:10 +10:00
462176464b ansiblelint fixes-- fqcn[action-core] - command to ansible.builtin.command
Replaces many references to command: with ansible.builtin.command

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-15 11:26:47 +10:00
6a3816dfdc ansiblelint fixes-- fqcn[action-core] - copy to ansible.builtin.copy
Replaces many references to 'copy' with ansible.builtin.copy

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-15 10:43:31 +10:00
691adee6ee Fix name[casing] ansible-lint issues
fix 1900 failures of the following case issue:

`name[casing]: All names should start with an uppercase letter.`

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2025-01-14 20:20:07 +10:00
89f6f1fc32 Fix majority of remaining yamllint warnings and errors
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2024-11-28 17:31:45 +10:00
Seddik Alaoui Ismaili
e0531fee72 fix httpd reload only for proxy hosts 2023-05-15 22:22:28 +02:00
Kevin Fenzi
abf5e66531 letsencrypt: move the combined cert to a template
content is "undefined" if using variables and you can't put a newline in
it, so just move this to a simple template.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2023-01-25 10:01:18 -08:00
Kevin Fenzi
925760331c letsencrypt: Try and put the combined cert in the format stunnel likes
Right now it's adding the cert without a newline at the end, but it also
expects the cert to be at the top and the intermediate below it. So,
swap them around and try putting a newline in it.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2023-01-25 09:56:31 -08:00
Kevin Fenzi
a2bfd621ed letsencrypt: it is restart, not reload
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2023-01-20 12:13:54 -08:00
Kevin Fenzi
d44bc3991c pagure: handle stunnel bundled cert in letsencrypt renews
This commit removes the old tasks to try and create a cert/intermediate
bundle file for stunnel in favor of just doing it when we renew/get the
cert. It also fixes stunnel to use the correct bundled cert.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2023-01-20 11:55:13 -08:00
Kevin Fenzi
cfa99b12e2 letsencrypt: The not yet due message is in stdout
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2022-06-13 14:11:34 -07:00
Kevin Fenzi
b7e247f78e letsencrypt: delegate the cli.ini file to certgetter01
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2021-01-14 11:26:52 -08:00
Kevin Fenzi
a38aac4cd3 certbot: add a cli.ini file with (commented out) ecdsa certs
Once this becomes useful we should switch the letsencrypt certs we get.
Right now it's not, as the intermediate is the letsencrypt R3, which is
a rsa 2048 bit, so it doesn't help the FUTURE case. Someday they will
switch this to use the X1 cert which will be ECC and it will be useful
to switch.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2021-01-14 11:21:32 -08:00
Kevin Fenzi
50cc7317bf certgetter / staging: drop certgetter01.stg
We can just use the main one and not bother with a specific stg one

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-10-14 16:07:41 -07:00
Kevin Fenzi
2d8bf791cd inventory: create a certgetter01.stg instance and use it in stg
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-07-24 15:07:56 -07:00
Kevin Fenzi
dc79e302f8 letsencrypt: adjust to work in other datacenters (like ibiblio)
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-06-03 21:18:44 -07:00
Kevin Fenzi
35930379f8 delegations: use quotes when using a variable in a delegate_to
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-06-03 12:58:59 -07:00
Kevin Fenzi
2f81e76657 iad2: adjust a bunch of things that were delegating directly to phx2 hosts
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-06-03 12:54:59 -07:00
Patrick Uiterwijk
70d1dd6605 letsencrypt: add quotes
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2019-06-20 13:59:54 +02:00
Kevin Fenzi
96dacb2042 letsencrypt: add --expand flag to allow adding domains and getting a new cert when we add domains.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2019-01-08 18:58:08 +00:00
Kevin Fenzi
c4e303f4d0 fix up check mode with letsencrypt 2018-12-13 23:46:18 +00:00
Patrick Uiterwijk
79b06b172b Use the .stdout here too
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-10-04 09:07:00 +02:00
Patrick Uiterwijk
ed7c8586d0 Try another split
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-10-04 09:04:38 +02:00
Patrick Uiterwijk
f0b5a2ad5f Attempt to fix the certbot role for site-000$nr
This is a very ugly fix, but it is currently hitting live sites.

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
2018-10-04 09:02:36 +02:00
Kevin Fenzi
1b289a0382 let us try a more generic approach to copying around letsencrypt certs to additional hosts and just do it at the letsencrypt role level 2018-08-15 19:54:01 +00:00
Patrick Uiterwijk
6711cce1f4 Always try to redeploy the certs in case they were refreshed in another run
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-07-26 00:00:09 +00:00
Kevin Fenzi
31bae9c864 hooked on phonix really werked for me 2018-06-14 01:33:44 +00:00
Kevin Fenzi
2b268d6e67 Have to run this in check mode too so we can get the variable output now. 2018-06-14 01:28:20 +00:00
Kevin Fenzi
4a6ba78d6d try this instead 2018-06-14 01:11:21 +00:00
Kevin Fenzi
110df57328 looks like certbot outputs this in stderr 2018-06-14 00:56:45 +00:00
Kevin Fenzi
7e8decbfcf Stab at making letsencrypt not change every run 2018-06-14 00:48:32 +00:00
Rick Elrod
af651a77e6 only attempt to renew once per run
Signed-off-by: Rick Elrod <relrod@redhat.com>
2018-06-01 21:07:37 +00:00
Rick Elrod
8a997f8381 picky
Signed-off-by: Rick Elrod <relrod@redhat.com>
2018-06-01 20:00:08 +00:00
Ricky Elrod
5900f6e6c2 First go at letsencrypt automation
Signed-off-by: Ricky Elrod <relrod@redhat.com>
2018-05-17 05:07:56 +00:00