diff options
author | binary <me@rgoncalves.se> | 2021-01-24 12:49:02 +0100 |
---|---|---|
committer | binary <me@rgoncalves.se> | 2021-01-24 12:49:02 +0100 |
commit | 535fcca27b969d432e9f37d60bb7bb1d9633433c (patch) | |
tree | df9b885149ad45dde4cd3485ca845a2924657733 | |
parent | 03d96b90f2a3c992605fd6f772899664e2ec4da0 (diff) | |
download | infrastructure-535fcca27b969d432e9f37d60bb7bb1d9633433c.tar.gz |
Append missing certificate record
-rw-r--r-- | roles/acme/tasks/main.yml | 1 | ||||
-rw-r--r-- | roles/acme/templates/acme-client.conf.j2 | 6 |
2 files changed, 2 insertions, 5 deletions
diff --git a/roles/acme/tasks/main.yml b/roles/acme/tasks/main.yml index ec23ceb..4d0f67f 100644 --- a/roles/acme/tasks/main.yml +++ b/roles/acme/tasks/main.yml @@ -21,6 +21,7 @@ - name: generate acme certificates shell: acme-client -v {{ global.domain_name }} register: result + failed_when: result.rc not in [ 0, 2 ] - name: show acme-client output debug: diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2 index 40a284a..3ff6971 100644 --- a/roles/acme/templates/acme-client.conf.j2 +++ b/roles/acme/templates/acme-client.conf.j2 @@ -8,13 +8,9 @@ authority letsencrypt { account key "/etc/acme/letsencrypt-privkey.pem" } -authority letsencrypt-staging { - api url "https://acme-staging-v02.api.letsencrypt.org/directory" - account key "/etc/acme/letsencrypt-staging-privkey.pem" -} - domain {{ global.domain_name }} { domain key "/etc/ssl/private/{{ global.domain_name }}.key" + domain certificate "/etc/ssl/{{ global.domain_name }}.crt" domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem" sign with letsencrypt } |