WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-04-27 03:52:09 +08:00
Code Issues Packages Projects Releases Wiki Activity
37,261 Commits 9 Branches 0 Tags
99eab71b2ebd689ee467fb89e3f63ef5cc8c2a5e
Commit Graph

23 Commits

Author SHA1 Message Date
Kevin Fenzi
b7e247f78e letsencrypt: delegate the cli.ini file to certgetter01 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-14 11:26:52 -08:00
Kevin Fenzi
a38aac4cd3 certbot: add a cli.ini file with (commented out) ecdsa certs 
Once this becomes useful we should switch the letsencrypt certs we get.
Right now it's not, as the intermediate is the letsencrypt R3, which is
a rsa 2048 bit, so it doesn't help the FUTURE case. Someday they will
switch this to use the X1 cert which will be ECC and it will be useful
to switch.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2021-01-14 11:21:32 -08:00
Kevin Fenzi
50cc7317bf certgetter / staging: drop certgetter01.stg 
We can just use the main one and not bother with a specific stg one

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-10-14 16:07:41 -07:00
Kevin Fenzi
2d8bf791cd inventory: create a certgetter01.stg instance and use it in stg 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-07-24 15:07:56 -07:00
Kevin Fenzi
dc79e302f8 letsencrypt: adjust to work in other datacenters (like ibiblio) 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-03 21:18:44 -07:00
Kevin Fenzi
35930379f8 delegations: use quotes when using a variable in a delegate_to 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-03 12:58:59 -07:00
Kevin Fenzi
2f81e76657 iad2: adjust a bunch of things that were delegating directly to phx2 hosts 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2020-06-03 12:54:59 -07:00
Patrick Uiterwijk
70d1dd6605 letsencrypt: add quotes 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2019-06-20 13:59:54 +02:00
Kevin Fenzi
96dacb2042 letsencrypt: add --expand flag to allow adding domains and getting a new cert when we add domains. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2019-01-08 18:58:08 +00:00
Kevin Fenzi
c4e303f4d0 fix up check mode with letencrypt 2018-12-13 23:46:18 +00:00
Patrick Uiterwijk
79b06b172b Use the .stdout here too 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-04 09:07:00 +02:00
Patrick Uiterwijk
ed7c8586d0 Try another split 
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-04 09:04:38 +02:00
Patrick Uiterwijk
f0b5a2ad5f Attempt to fix the certbot role for site-000$nr 
This is a very ugly fix, but it is currently hitting live sites.

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
 2018-10-04 09:02:36 +02:00
Kevin Fenzi
1b289a0382 let us try a more generic approach to copying around letsencrypt certs to additional hosts and just do it at the letsencrypt role level 2018-08-15 19:54:01 +00:00
Patrick Uiterwijk
6711cce1f4 Always try to redeploy the certs in case they were refreshed in another run 
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
 2018-07-26 00:00:09 +00:00
Kevin Fenzi
31bae9c864 hooked on phonix really werked for me 2018-06-14 01:33:44 +00:00
Kevin Fenzi
2b268d6e67 Have to run this in check mode too so we can get the variable output now. 2018-06-14 01:28:20 +00:00
Kevin Fenzi
4a6ba78d6d try this instead 2018-06-14 01:11:21 +00:00
Kevin Fenzi
110df57328 looks like certbot outputs this in stderr 2018-06-14 00:56:45 +00:00
Kevin Fenzi
7e8decbfcf Stab at making letsencrypt not change every run 2018-06-14 00:48:32 +00:00
Rick Elrod
af651a77e6 only attempt to renew once per run 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-06-01 21:07:37 +00:00
Rick Elrod
8a997f8381 picky 
Signed-off-by: Rick Elrod <relrod@redhat.com>
 2018-06-01 20:00:08 +00:00
Ricky Elrod
5900f6e6c2 First go at letsencrypt automation 
Signed-off-by: Ricky Elrod <relrod@redhat.com>
 2018-05-17 05:07:56 +00:00