Changeset 04d89726 in darkpeak-services


Ignore:
Timestamp:
Oct 13, 2018, 2:00:32 PM (2 years ago)
Author:
Mat Booth <mat.booth@…>
Branches:
keycloak, master
Children:
b3606134
Parents:
f97b97d9
Message:

Workaround certificate requisition problem when domain is null

Location:
roles
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • roles/apache2/tasks/configure-apache-site.yml

    rf97b97d9 r04d89726  
    5959    path: "/etc/letsencrypt/live/{{ domain }}/README"
    6060  register: letsencrypt_live
     61  when:
     62    - vhost_config is changed
     63    - domain != ""
    6164
    6265- name: Remove letsencrypt live directory if it's not valid
     
    6770    - not letsencrypt_live.stat.exists
    6871    - development_mode != true
     72    - domain != ""
    6973
    7074- name: Request letsencrypt certificate via certbot
     
    7276  when:
    7377    - development_mode != true
     78    - domain != ""
    7479 
  • roles/apache2/templates/apache.vhost.conf.j2

    rf97b97d9 r04d89726  
    2727</VirtualHost>
    2828
     29{% if domain != '' %}
    2930<IfModule mod_ssl.c>
    3031        <VirtualHost _default_:443>
     
    119120        </VirtualHost>
    120121</IfModule>
     122{% endif %}
    121123
    122124# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
  • roles/tls/tasks/configure-tls-cert.yml

    rf97b97d9 r04d89726  
    4040    - "/etc/letsencrypt/archive/{{ domain }}"
    4141    - "/etc/letsencrypt/live/{{ domain }}"
     42  when: domain != ""
    4243
    4344- name: Check for already installed certificate
     
    4546    path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
    4647  register: tls_cert
     48  when: domain != ""
    4749
    4850- name: Install self-signed TLS certificate
     
    5355    group: ssl-cert
    5456    mode: 0640
    55   when: not tls_cert.stat.exists
     57  when:
     58    - not tls_cert.stat.exists
     59    - domain != ""
    5660
    5761- name: Check for already installed key
     
    5963    path: "/etc/letsencrypt/live/{{ domain }}/privkey.pem"
    6064  register: tls_key
     65  when: domain != ""
    6166
    6267- name: Install self-signed TLS certificate key
     
    6772    group: ssl-cert
    6873    mode: 0640
    69   when: not tls_key.stat.exists
     74  when:
     75    - not tls_key.stat.exists
     76    - domain != ""
    7077
    7178- name: Install symlinks to TLS certificate and key
     
    8087    - { src: "{{ domain }}/fullchain.pem", dest: "{{ domain }}.pem" }
    8188    - { src: "{{ domain }}/privkey.pem",   dest: "{{ domain }}.key" }
     89  when: domain != ""
    8290
Note: See TracChangeset for help on using the changeset viewer.