Certgetter is now in rdu3

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
2026-03-20 12:07:34 +08:00 · 2025-07-01 01:12:29 +02:00
parent 07bee7f2f4
commit f29615eda4
1 changed files with 6 additions and 6 deletions
--- a/roles/letsencrypt/tasks/main.yml
+++ b/roles/letsencrypt/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Setup defaults file
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  ansible.builtin.copy: >
    dest=/etc/letsencrypt/cli.ini
    src=cli.ini
@@ -11,7 +11,7 @@
  - letsencrypt

 - name: Generate (or renew) the certificate
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  ansible.builtin.command: certbot certonly --expand --keep -n --webroot --webroot-path /var/www/html/ -d {{','.join([site_name] + server_aliases)}}
  run_once: true
  register: certbot_output
@@ -22,7 +22,7 @@

 # Find the directory to use
 - name: Get the directory to use
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  # Sometimes we get directories like site-0001, site-0002, etc. We want the latest
  ansible.builtin.shell: "file /etc/letsencrypt/live/{{site_name}}* | tail -1 | sed -e 's/: directory//' | tr -d '\n'"
  register: certbot_dir
@@ -33,7 +33,7 @@

 # And once we do that, we need to copy some things.
 - name: Obtain the certificate
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  ansible.builtin.command: "cat {{certbot_dir.stdout}}/cert.pem"
  register: certbot_certificate
  changed_when: 'false'
@@ -42,7 +42,7 @@
  - letsencrypt

 - name: Obtain the intermediate certificate
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  ansible.builtin.command: cat {{certbot_dir.stdout}}/chain.pem
  register: certbot_chain
  changed_when: 'false'
@@ -51,7 +51,7 @@
  - letsencrypt

 - name: Obtain the key
-  delegate_to: "certgetter01.iad2.fedoraproject.org"
+  delegate_to: "certgetter01.{{datacenter}}.fedoraproject.org"
  ansible.builtin.command: cat {{certbot_dir.stdout}}/privkey.pem
  register: certbot_key
  changed_when: 'false'