From 535fcca27b969d432e9f37d60bb7bb1d9633433c Mon Sep 17 00:00:00 2001
From: binary <me@rgoncalves.se>
Date: Sun, 24 Jan 2021 12:49:02 +0100
Subject: Append missing certificate record

---
 roles/acme/tasks/main.yml                | 1 +
 roles/acme/templates/acme-client.conf.j2 | 6 +-----
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/roles/acme/tasks/main.yml b/roles/acme/tasks/main.yml
index ec23ceb..4d0f67f 100644
--- a/roles/acme/tasks/main.yml
+++ b/roles/acme/tasks/main.yml
@@ -21,6 +21,7 @@
 - name: generate acme certificates
   shell: acme-client -v {{ global.domain_name }}
   register: result
+  failed_when: result.rc not in [ 0, 2 ]
 
 - name: show acme-client output
   debug:
diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2
index 40a284a..3ff6971 100644
--- a/roles/acme/templates/acme-client.conf.j2
+++ b/roles/acme/templates/acme-client.conf.j2
@@ -8,13 +8,9 @@ authority letsencrypt {
 	account key "/etc/acme/letsencrypt-privkey.pem"
 }
 
-authority letsencrypt-staging {
-	api url "https://acme-staging-v02.api.letsencrypt.org/directory"
-	account key "/etc/acme/letsencrypt-staging-privkey.pem"
-}
-
 domain {{ global.domain_name }} {
 	domain key "/etc/ssl/private/{{ global.domain_name }}.key"
+	domain certificate "/etc/ssl/{{ global.domain_name }}.crt"
 	domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem"
 	sign with letsencrypt
 }
-- 
cgit v1.2.3