Add generation for subdomain in inventory

author: binary <me@rgoncalves.se> 2021-01-24 14:43:28 +0100
committer: binary <me@rgoncalves.se> 2021-01-24 14:43:28 +0100
commit: b0d50d141c33cb84bef5742599c23d6f5fbc4ecc (patch)
tree: dc5d81d626afbb309d6c6c70f5252d002d838d57 /roles/acme/templates
parent: 7e4d06eb95e4e3acbffe8d129aec2704ed5a661a (diff)
download: infrastructure-b0d50d141c33cb84bef5742599c23d6f5fbc4ecc.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2
index 3ff6971..0b9ea6c 100644
--- a/roles/acme/templates/acme-client.conf.j2
+++ b/roles/acme/templates/acme-client.conf.j2
@@ -14,3 +14,15 @@ domain {{ global.domain_name }} {
 	domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem"
 	sign with letsencrypt
 }
+
+{% for h in groups["servers"] %}
+{% set h = dict(hostvars[h]) %}
+{% for service in h.services if service.domain is defined %}
+domain {{ service.domain }}.{{ global.domain_name }} {
+	domain key "/etc/ssl/private/{{ service.domain }}.{{ global.domain_name }}.key"
+	domain certificate "/etc/ssl/{{ service.domain }}.{{ global.domain_name }}.crt"
+	domain full chain certificate "/etc/ssl/{{ service.domain }}.{{ global.domain_name }}.fullchain.pem"
+	sign with letsencrypt
+}
+{% endfor %}
+{% endfor %}
author	binary <me@rgoncalves.se>	2021-01-24 14:43:28 +0100
committer	binary <me@rgoncalves.se>	2021-01-24 14:43:28 +0100
commit	b0d50d141c33cb84bef5742599c23d6f5fbc4ecc (patch)
tree	dc5d81d626afbb309d6c6c70f5252d002d838d57 /roles/acme/templates
parent	7e4d06eb95e4e3acbffe8d129aec2704ed5a661a (diff)
download	infrastructure-b0d50d141c33cb84bef5742599c23d6f5fbc4ecc.tar.gz