aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--roles/acme/tasks/main.yml1
-rw-r--r--roles/acme/templates/acme-client.conf.j26
2 files changed, 2 insertions, 5 deletions
diff --git a/roles/acme/tasks/main.yml b/roles/acme/tasks/main.yml
index ec23ceb..4d0f67f 100644
--- a/roles/acme/tasks/main.yml
+++ b/roles/acme/tasks/main.yml
@@ -21,6 +21,7 @@
- name: generate acme certificates
shell: acme-client -v {{ global.domain_name }}
register: result
+ failed_when: result.rc not in [ 0, 2 ]
- name: show acme-client output
debug:
diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2
index 40a284a..3ff6971 100644
--- a/roles/acme/templates/acme-client.conf.j2
+++ b/roles/acme/templates/acme-client.conf.j2
@@ -8,13 +8,9 @@ authority letsencrypt {
account key "/etc/acme/letsencrypt-privkey.pem"
}
-authority letsencrypt-staging {
- api url "https://acme-staging-v02.api.letsencrypt.org/directory"
- account key "/etc/acme/letsencrypt-staging-privkey.pem"
-}
-
domain {{ global.domain_name }} {
domain key "/etc/ssl/private/{{ global.domain_name }}.key"
+ domain certificate "/etc/ssl/{{ global.domain_name }}.crt"
domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem"
sign with letsencrypt
}
remember that computers suck.