From d0784637eb6ed3138bba9cc22e85cd3805741f50 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Thu, 21 Mar 2024 20:41:21 +0200 Subject: http.liw.fi: reorg certs so they can be renewed Signed-off-by: Lars Wirzenius Sponsored-by: author --- ansible/http.liw.fi.yml | 59 +++++++++++++++++++++++++------------------------ 1 file changed, 30 insertions(+), 29 deletions(-) (limited to 'ansible') diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml index 0be171a..51c0312 100644 --- a/ansible/http.liw.fi.yml +++ b/ansible/http.liw.fi.yml @@ -5,6 +5,7 @@ - role: sshd - role: unix_users - role: apache_server + tags: [httpd] - role: comfortable-debian-system - role: self-updating-system vars: @@ -36,31 +37,31 @@ owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: files.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: vmdb2.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: vmdb2-manual.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: journal.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 htpasswd: "{{ lookup('pipe', 'pass journal.liw.fi.htpasswd') }}" htpasswd_name: "Private site by Lars. Go away." @@ -68,131 +69,131 @@ owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: doc.obnam.org owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: subplot.tech owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: www.subplot.tech owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 redirect: subplot.tech - domain: doc.subplot.tech owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: subplot.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 redirect: subplot.tech - domain: doc.subplot.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 redirect: doc.subplot.tech - domain: 256.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: gtdfh.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: blog.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: vmadm.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: doc.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: sshca.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: www.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 redirect: liw.fi - domain: riki.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: v-i.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: puomi.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: ewww.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: ambient.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: openpgpkey.liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: liw.iki.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert21 + letsencrypt_cert: cert1 # Sites that need to be changed in DNS (A record) before Let's # Encrypt certificates can be created. Comment these out until @@ -202,19 +203,19 @@ owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: obnam.org owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 - domain: liw.fi owner: liw ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert20 + letsencrypt_cert: cert1 # Sites without HTTPS. -- cgit v1.2.1