EbookFoundation
/
regluit-provisioning
mirror of https://github.com/EbookFoundation/regluit-provisioning.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crt, not key

certbot
eric 2019-01-30 16:16:22 -05:00
parent 20d4ce2d27
commit 5de5725dc9
1 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
roles/regluit_prod/tasks/certs.yml
View File

@ -17,7 +17,7 @@
acme_directory: https://acme-v02.api.letsencrypt.org/directory
acme_version: 2
csr: "private/{{ server_name }}.csr"
dest: /etc/ssl/certs/server.crt
dest: private/server.crt
fullchain_dest: /etc/ssl/certs/server-fullchain.crt
delegate_to: 127.0.0.1
register: acme_challenge
@ -52,15 +52,31 @@
acme_directory: https://acme-v02.api.letsencrypt.org/directory
acme_version: 2
csr: "private/{{ server_name }}.csr"
dest: /etc/ssl/certs/server.crt
fullchain_dest: /etc/ssl/certs/server-fullchain.crt"
dest: /tmp/server.crt
fullchain_dest: /tmp/server.ca-bundle
data: "{{ acme_challenge }}"
delegate_to: 127.0.0.1
- name: Copy certs
become: yes
copy:
src: /tmp/{{ item }}
dest: /etc/ssl/certs/{{ item }}.key
owner: "{{ user_name }}"
group: "{{ user_name }}"
mode: 0600
with_items:
- 'server.crt'
- 'server.ca-bundle'
notify:
- restart apache
tags:
- certs
- name: Copy server key
become: yes
copy:
src: certs/{{ server_name }}.key
src: private/{{ server_name }}.key
dest: /etc/ssl/private/server.key
owner: "{{ user_name }}"
group: "{{ user_name }}"
@ -69,4 +85,3 @@
- restart apache
tags:
- certs