From 0b7cae97a9cc02aaaad8d0f792054621baa2c51b Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Tue, 30 Mar 2021 14:54:29 +0200
Subject: [PATCH] iddev: another attempt to get the playbook to handle the
 certs automatically

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
---
 playbooks/hosts/iddev.fedorainfracloud.org.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/playbooks/hosts/iddev.fedorainfracloud.org.yml b/playbooks/hosts/iddev.fedorainfracloud.org.yml
index fed359ea14..7c2185e595 100644
--- a/playbooks/hosts/iddev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/iddev.fedorainfracloud.org.yml
@@ -21,6 +21,18 @@
   - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml"
   - name: set hostname (required by some services, at least postfix need it)
     hostname: name="{{inventory_hostname}}"
+  - name: Add an apache config to proxy letsencrypt
+    shell: echo | '
+      <VirtualHost *:80>
+        ServerName iddev.fedorainfracloud.org
+        ProxyPass "/.well-known/acme-challenge" "http://certgetter01/.well-known/acme-challenge"
+        Redirect permanent / https://iddev.fedorainfracloud.org
+     </VirtualHost>
+     ' > /etc/httpd/conf.d/proxy_letsencrypt.conf
+  - name: reload apache
+    ansible.builtin.service:
+      name: httpd
+      state: reloaded
   - name: Letsencrypt for iddev.fedorainfracloud.org
     include_role: name=letsencrypt
     vars: