diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-06-19 15:34:36 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-06-19 15:34:36 +0300 |
commit | 272c174a5a4718ce6cdae4e620f2d07f99d4772c (patch) | |
tree | d3b38677ae83f5f035cbfc730ac9e1fac9f4faef /roles | |
parent | be4a3d1b5d8c91ba95060658a276de4a8e9af2e2 (diff) | |
download | debian-ansible-272c174a5a4718ce6cdae4e620f2d07f99d4772c.tar.gz |
Change: support static website aliases for letsenrypt
Diffstat (limited to 'roles')
-rw-r--r-- | roles/apache_server/tasks/main.yml | 9 | ||||
-rw-r--r-- | roles/apache_server/templates/deploy_static_site_certs | 23 |
2 files changed, 17 insertions, 15 deletions
diff --git a/roles/apache_server/tasks/main.yml b/roles/apache_server/tasks/main.yml index 79b5054..5f9c39f 100644 --- a/roles/apache_server/tasks/main.yml +++ b/roles/apache_server/tasks/main.yml @@ -12,16 +12,17 @@ when: letsencrypt - name: "empty list of domains for Let's Encrypt" - shell: rm -f /etc/letsencrypt/static_sites/* + file: + path: /etc/letsencrypt/static_sites.list + state: absent - name: "create list of domains for static sites to get Let's Encrypt certs for" shell: | - listdir="/etc/letsencrypt/static_sites" + list="/etc/letsencrypt/static_sites.list" wellknown="/srv/letsencrypt" - mkdir -p "$listdir" "$wellknown" if [ "{{ item.letsencrypt|default(false) }}" = True ] then - touch "$listdir/{{ item.domain }}" + echo "{{ item.domain }} {{ item.alias|default('') }}" >> "$list" mkdir -p "$wellknown/{{ item.domain }}" fi with_items: "{{ static_sites }}" diff --git a/roles/apache_server/templates/deploy_static_site_certs b/roles/apache_server/templates/deploy_static_site_certs index 3521651..b0227e8 100644 --- a/roles/apache_server/templates/deploy_static_site_certs +++ b/roles/apache_server/templates/deploy_static_site_certs @@ -9,21 +9,22 @@ domains() ls } - opts() { - for domain in $(domains) + domains | while read domain alias do - echo -w "/srv/http/$domain" -d "$domain" \ - --webroot-path "/srv/letsencrypt/$domain" + echo -w "/srv/letsencrypt/$domain" -d "$domain" + if [ -n "$alias" ] + then + echo -d "$alias" + fi done } - certbot certonly \ - --noninteractive \ - --email "{{ letsencrypt_email }}" \ - --agree-tos \ - --expand \ - --cert-name static_sites \ - --webroot $(opts) + --noninteractive \ + --email "{{ letsencrypt_email }}" \ + --agree-tos \ + --expand \ + --cert-name static_sites \ + --webroot $(opts) |