handle 2nd hostname

2019-01-31 15:28:27 -05:00 · 2019-01-31 15:28:27 -05:00 · 81b2c47362
parent a82c5a1c2c
commit 81b2c47362
5 changed files with 16 additions and 4 deletions
--- a/group_vars/batterup/vars.yml
+++ b/group_vars/batterup/vars.yml
@ -13,6 +13,7 @@ wsgi_python_path: "/opt/regluit/venv/bin/python"
 git_repo: "https://github.com/Gluejar/regluit.git"
 git_branch: "production"
 le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
+alt_server_name: 

 ### Variables in settings.prod.py ###
 mysql_db_name: "{{ vault_mysql_db_name }}"
--- a/group_vars/dev/vars.yml
+++ b/group_vars/dev/vars.yml
@ -12,8 +12,9 @@ wsgi_home: "/opt/regluit/venv"
 wsgi_python_path: "/opt/regluit/venv/bin/python"
 git_repo: "https://github.com/Gluejar/regluit.git"
 git_branch: "lencrypt"
-#le_endpoint: https://acme-v02.api.letsencrypt.org/directory
-le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
+le_endpoint: https://acme-v02.api.letsencrypt.org/directory
+#le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
+alt_server_name: "ondeck.unglue.it"


 ### Variables in settings.prod.py ###
--- a/group_vars/ondeck/vars.yml
+++ b/group_vars/ondeck/vars.yml
@ -14,7 +14,7 @@ git_repo: "https://github.com/Gluejar/regluit.git"
 git_branch: "master"
 le_endpoint: https://acme-v02.api.letsencrypt.org/directory
 #le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
-
+alt_server_name: 

 ### Variables in settings.prod.py ###
 mysql_db_name: "{{ vault_mysql_db_name }}"
--- a/group_vars/production/vars.yml
+++ b/group_vars/production/vars.yml
@ -13,6 +13,7 @@ wsgi_python_path: "/opt/regluit/venv/bin/python"
 git_repo: "https://github.com/Gluejar/regluit.git"
 git_branch: "production"
 le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
+alt_server_name: "unglue.it"

 ### Variables in settings.prod.py ###
 mysql_db_name: "{{ vault_mysql_db_name }}"
--- a/roles/regluit_prod/tasks/certs.yml
+++ b/roles/regluit_prod/tasks/certs.yml
@ -51,6 +51,7 @@
    acme_directory: "{{ le_endpoint }}"
    acme_version: 2
    remaining_days: 45
+    force: no
    select_crypto_backend: openssl
    csr: "private/decrypted/{{ server_name }}.csr"
    dest: private/certs/{{ server_name }}.crt
@ -77,16 +78,24 @@
    group: "{{ user_name }}"
    mode: 0755

- copy:
+- name: copy main challenge
+  copy:
    dest: /var/www/static/{{ acme_challenge['challenge_data'][server_name]['http-01']['resource'] }}
    content: "{{ acme_challenge['challenge_data'][server_name]['http-01']['resource_value'] }}"
  when: acme_challenge is changed

+- name: copy alt challenge
+  copy:
+    dest: /var/www/static/{{ acme_challenge['challenge_data'][alt_server_name]['http-01']['resource'] }}
+    content: "{{ acme_challenge['challenge_data'][alt_server_name]['http-01']['resource_value'] }}"
+  when: acme_challenge is changed and alt_server_name != ''
+
 - name: Create a challenge for server_name using a account key file.
  acme_certificate:
    account_key_src: private/decrypted/letsencrypt_account.key
    acme_directory: "{{ le_endpoint }}"
    acme_version: 2
+    force: no
    remaining_days: 45
    select_crypto_backend: openssl
    csr: "private/decrypted/{{ server_name }}.csr"