From fc12b854b1ed1b9e9d1c890998c1e294269c6a58 Mon Sep 17 00:00:00 2001
From: Lars Wirzenius <liw@liw.fi>
Date: Tue, 7 Aug 2018 18:48:25 +0300
Subject: Add: check that letsencrypt_email is set

---
 roles/haproxy/tasks/main.yml | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'roles')

diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml
index 0a56410..a7854fb 100644
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@@ -7,6 +7,15 @@
             ;;
     esac
 
+- name: "check letsencrypt_email is set"
+  shell: |
+    case "{{ letsencrypt_email }}" in
+        FIXME)
+            echo "ERROR: MUST set letsencrypt_email" 1>&2
+            exit 1
+            ;;
+    esac
+
 - name: "install certbot"
   apt:
     name: certbot
@@ -14,6 +23,7 @@
 
 - name: "run certbot"
   shell: |
+    set -eu
     certbot certonly \
             --standalone \
             --noninteractive \
@@ -22,8 +32,8 @@
             --expand \
             --cert-name haproxy \
             --keep \
-            --pre-hook "systemctl stop haproxy" \
-            --post-hook "systemctl start haproxy" \
+            --pre-hook "systemctl stop apache2 haproxy" \
+            --post-hook "systemctl start apache2 haproxy" \
             -d "{{ haproxy_domain }}"
     (cd /etc/letsencrypt/live/haproxy; cat fullchain.pem privkey.pem) \
         > /etc/ssl/haproxy.pem
-- 
cgit v1.2.1