-rw-r--r--roles/apache_server/tasks/main.yml9
-rw-r--r--roles/apache_server/templates/deploy_static_site_certs23
2 files changed, 17 insertions, 15 deletions
diff --git a/roles/apache_server/tasks/main.yml b/roles/apache_server/tasks/main.yml
index 79b5054..5f9c39f 100644
--- a/roles/apache_server/tasks/main.yml
+++ b/roles/apache_server/tasks/main.yml
@@ -12,16 +12,17 @@
when: letsencrypt
- name: "empty list of domains for Let's Encrypt"
- shell: rm -f /etc/letsencrypt/static_sites/*
+ file:
+ path: /etc/letsencrypt/static_sites.list
+ state: absent
- name: "create list of domains for static sites to get Let's Encrypt certs for"
shell: |
- listdir="/etc/letsencrypt/static_sites"
+ list="/etc/letsencrypt/static_sites.list"
wellknown="/srv/letsencrypt"
- mkdir -p "$listdir" "$wellknown"
if [ "{{ item.letsencrypt|default(false) }}" = True ]
then
- touch "$listdir/{{ item.domain }}"
+ echo "{{ item.domain }} {{ item.alias|default('') }}" >> "$list"
mkdir -p "$wellknown/{{ item.domain }}"
fi
with_items: "{{ static_sites }}"
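Review bot: The added `echo "{{ item.domain }} {{ item.alias|default('') }}" >> "$list"` line pastes inventory values into the script text before the shell parses it, so a domain or alias containing a double quote, `$` or a backtick is interpreted as shell syntax on the managed host instead of being written to the list. Passing each value through Ansible's `quote` filter and dropping the surrounding double quotes avoids that: `printf '%s %s\n' {{ item.domain|quote }} {{ item.alias|default('')|quote }} >> "$list"`. The unchanged `mkdir -p "$wellknown/{{ item.domain }}"` line has the same pattern and also uses the value as a path component, so an `assert` task that checks each domain and alias looks like a hostname before this step would cover both lines. The shell task also has no `changed_when`, so it presumably reports changed on every run; rendering the list with a `template` or `copy` task would remove the shell step altogether.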
diff --git a/roles/apache_server/templates/deploy_static_site_certs b/roles/apache_server/templates/deploy_static_site_certs
index 3521651..b0227e8 100644
--- a/roles/apache_server/templates/deploy_static_site_certs
+++ b/roles/apache_server/templates/deploy_static_site_certs
@@ -9,21 +9,22 @@ domains()
ls
}
-
opts()
{
- for domain in $(domains)
+ domains | while read domain alias
do
- echo -w "/srv/http/$domain" -d "$domain" \
- --webroot-path "/srv/letsencrypt/$domain"
+ echo -w "/srv/letsencrypt/$domain" -d "$domain"
+ if [ -n "$alias" ]
+ then
+ echo -d "$alias"
+ fi
done
}
-
certbot certonly \
- --noninteractive \
- --email "{{ letsencrypt_email }}" \
- --agree-tos \
- --expand \
- --cert-name static_sites \
- --webroot $(opts)
+ --noninteractive \
+ --email "{{ letsencrypt_email }}" \
+ --agree-tos \
+ --expand \
+ --cert-name static_sites \
+ --webroot $(opts)
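Review bot: `--webroot $(opts)` is left unquoted so that the output splits into arguments, which means the quotes written inside `opts()` do not survive and every entry read from the list is subject to word splitting and pathname expansion; a line containing `*` or extra whitespace would change the certbot argument list. Adding `set -f` ahead of the `certbot certonly` call and using `domains | while read -r domain alias` in the loop keeps the entries literal. Separately, the visible tail of `domains()` is still `ls`, and that function starts above the hunk: since the tasks file now writes `/etc/letsencrypt/static_sites.list` instead of one file per domain, it is worth confirming that `domains()` reads that list, otherwise `alias` is always empty and the new `-d "$alias"` branch never runs.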