diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-11-06 11:02:17 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-11-06 11:02:17 +0200 |
commit | bb35abf58580f570829ba4d3e56eeaf61e2e8a9e (patch) | |
tree | e491ac03430023ba47cdd77c7272a4a3152b48cc /roles/sane_debian_system/defaults/main.yml | |
parent | fc12b854b1ed1b9e9d1c890998c1e294269c6a58 (diff) | |
download | debian-ansible-bb35abf58580f570829ba4d3e56eeaf61e2e8a9e.tar.gz |
Fix: recreate haproxy.pem in cron job
haproxy wants a haproxy.pem that is the catenation of letsencrypt's
fullchain.pem and privkey.pem. It's created by the Ansible playbook,
but if you don't run Ansible for three months, the cert will expire.
Add a daily cron job that recreates haproxy.pem every day.
This might be doable using a certbot haproxy plugin, but I can't be
arsed to find out. Don't understand why letsencrypt doesn't just
create such a file by default, or why haproxy wants such a file.
Diffstat (limited to 'roles/sane_debian_system/defaults/main.yml')
0 files changed, 0 insertions, 0 deletions