Append missing certificate record

author: binary <me@rgoncalves.se> 2021-01-24 12:49:02 +0100
committer: binary <me@rgoncalves.se> 2021-01-24 12:49:02 +0100
commit: 535fcca27b969d432e9f37d60bb7bb1d9633433c (patch)
tree: df9b885149ad45dde4cd3485ca845a2924657733
parent: 03d96b90f2a3c992605fd6f772899664e2ec4da0 (diff)
download: old-infrastructure-535fcca27b969d432e9f37d60bb7bb1d9633433c.tar.gz
2 files changed, 2 insertions, 5 deletions
diff --git a/roles/acme/tasks/main.yml b/roles/acme/tasks/main.yml
index ec23ceb..4d0f67f 100644
--- a/roles/acme/tasks/main.yml
+++ b/roles/acme/tasks/main.yml
@@ -21,6 +21,7 @@
 - name: generate acme certificates
   shell: acme-client -v {{ global.domain_name }}
   register: result
+  failed_when: result.rc not in [ 0, 2 ]
 
 - name: show acme-client output
   debug:
diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2
index 40a284a..3ff6971 100644
--- a/roles/acme/templates/acme-client.conf.j2
+++ b/roles/acme/templates/acme-client.conf.j2
@@ -8,13 +8,9 @@ authority letsencrypt {
 	account key "/etc/acme/letsencrypt-privkey.pem"
 }
 
-authority letsencrypt-staging {
-	api url "https://acme-staging-v02.api.letsencrypt.org/directory"
-	account key "/etc/acme/letsencrypt-staging-privkey.pem"
-}
-
 domain {{ global.domain_name }} {
 	domain key "/etc/ssl/private/{{ global.domain_name }}.key"
+	domain certificate "/etc/ssl/{{ global.domain_name }}.crt"
 	domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem"
 	sign with letsencrypt
 }
author	binary <me@rgoncalves.se>	2021-01-24 12:49:02 +0100
committer	binary <me@rgoncalves.se>	2021-01-24 12:49:02 +0100
commit	535fcca27b969d432e9f37d60bb7bb1d9633433c (patch)
tree	df9b885149ad45dde4cd3485ca845a2924657733
parent	03d96b90f2a3c992605fd6f772899664e2ec4da0 (diff)
download	old-infrastructure-535fcca27b969d432e9f37d60bb7bb1d9633433c.tar.gz