From 4ee7c6ad16cee6a29547988e912c3e88c1b3013c Mon Sep 17 00:00:00 2001 From: Markus Hauschild Date: Mon, 20 May 2019 19:49:08 +0200 Subject: [PATCH] acertmgr: migrate from legacy paths --- group_vars/all/vars.yml | 2 +- roles/acertmgr/templates/acertmgr.conf.j2 | 3 +-- roles/acme-dnskey-generate/defaults/main.yml | 2 +- roles/bk-dss/tasks/main.yml | 2 +- roles/gogs/tasks/main.yml | 2 +- roles/hackmd/tasks/main.yml | 2 +- roles/librenms/tasks/main.yml | 2 +- roles/mail/tasks/main.yml | 4 ++-- roles/owncloud/tasks/main.yml | 2 +- roles/partdb/tasks/main.yml | 2 +- roles/prosody/tasks/main.yml | 2 +- roles/pvessl/tasks/main.yml | 2 +- roles/racktables/tasks/main.yml | 2 +- roles/radius/tasks/main.yml | 2 +- roles/slapd/tasks/main.yml | 2 +- roles/web/tasks/main.yml | 2 +- 16 files changed, 17 insertions(+), 18 deletions(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 344a22b..262c916 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -2,7 +2,7 @@ acertmgr_mode: webdir -acme_dnskey_file: /etc/acme/nsupdate.key +acme_dnskey_file: /etc/acertmgr/nsupdate.key acme_dnskey_server: neon.binary-kitchen.net dns_axfr_ips: diff --git a/roles/acertmgr/templates/acertmgr.conf.j2 b/roles/acertmgr/templates/acertmgr.conf.j2 index f478eb9..b9d0ef4 100644 --- a/roles/acertmgr/templates/acertmgr.conf.j2 +++ b/roles/acertmgr/templates/acertmgr.conf.j2 @@ -2,5 +2,4 @@ mode: {{ acertmgr_mode }} webdir: /var/www/acme-challenge/ -ttl_days: 30 -authority: "https://acme-v01.api.letsencrypt.org" +authority_tos_agreement: true diff --git a/roles/acme-dnskey-generate/defaults/main.yml b/roles/acme-dnskey-generate/defaults/main.yml index 69d762b..709dbe7 100644 --- a/roles/acme-dnskey-generate/defaults/main.yml +++ b/roles/acme-dnskey-generate/defaults/main.yml @@ -1,5 +1,5 @@ --- -acme_dnskey_file: /etc/acme/nsupdate.key +acme_dnskey_file: /etc/acertmgr/nsupdate.key acme_dnskey_algorithm: hmac-sha512 acme_dnskey_server: neon.binary-kitchen.net diff --git a/roles/bk-dss/tasks/main.yml b/roles/bk-dss/tasks/main.yml index 1ce517d..4e5a7ce 100644 --- a/roles/bk-dss/tasks/main.yml +++ b/roles/bk-dss/tasks/main.yml @@ -34,7 +34,7 @@ notify: Restart nginx - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ dss_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ dss_domain }}.conf notify: Run acertmgr - name: Configure vhosts diff --git a/roles/gogs/tasks/main.yml b/roles/gogs/tasks/main.yml index 6721155..c424bdd 100644 --- a/roles/gogs/tasks/main.yml +++ b/roles/gogs/tasks/main.yml @@ -33,7 +33,7 @@ notify: Restart nginx - name: Configure certificate manager for gogs - template: src=certs.j2 dest=/etc/acme/domains.d/{{ gogs_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ gogs_domain }}.conf notify: Run acertmgr - name: Configure vhost diff --git a/roles/hackmd/tasks/main.yml b/roles/hackmd/tasks/main.yml index 02b0de0..766d7bf 100644 --- a/roles/hackmd/tasks/main.yml +++ b/roles/hackmd/tasks/main.yml @@ -71,7 +71,7 @@ notify: Restart nginx - name: Configure certificate manager for hackmd - template: src=certs.j2 dest=/etc/acme/domains.d/{{ hackmd_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ hackmd_domain }}.conf notify: Run acertmgr - name: Configure vhost diff --git a/roles/librenms/tasks/main.yml b/roles/librenms/tasks/main.yml index dedb328..130024c 100644 --- a/roles/librenms/tasks/main.yml +++ b/roles/librenms/tasks/main.yml @@ -59,7 +59,7 @@ - "{{ librenms_domain }}" - name: Configure certificate manager for librenms - template: src=certs.j2 dest=/etc/acme/domains.d/{{ librenms_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ librenms_domain }}.conf notify: Run acertmgr - name: Configure vhost diff --git a/roles/mail/tasks/main.yml b/roles/mail/tasks/main.yml index 3381f28..c6801a6 100644 --- a/roles/mail/tasks/main.yml +++ b/roles/mail/tasks/main.yml @@ -143,11 +143,11 @@ - default/spamassassin - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ mail_server }}_mail.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ mail_server }}_mail.conf notify: Run acertmgr - name: Configure certificate manager for mailman - template: src=mailman/certs.j2 dest=/etc/acme/domains.d/{{ mailman_domain }}_mailman.conf + template: src=mailman/certs.j2 dest=/etc/acertmgr/{{ mailman_domain }}_mailman.conf notify: Run acertmgr - name: Start amavis diff --git a/roles/owncloud/tasks/main.yml b/roles/owncloud/tasks/main.yml index 5aa5a16..65ace45 100644 --- a/roles/owncloud/tasks/main.yml +++ b/roles/owncloud/tasks/main.yml @@ -31,7 +31,7 @@ notify: Restart nginx - name: Configure certificate manager for owncloud - template: src=certs.j2 dest=/etc/acme/domains.d/{{ owncloud_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ owncloud_domain }}.conf notify: Run acertmgr - name: Create vhost directory diff --git a/roles/partdb/tasks/main.yml b/roles/partdb/tasks/main.yml index 670aea1..12719a2 100644 --- a/roles/partdb/tasks/main.yml +++ b/roles/partdb/tasks/main.yml @@ -16,7 +16,7 @@ notify: Restart nginx - name: Configure certificate manager - copy: src=certs dest=/etc/acme/domains.d/partdb.binary-kitchen.de.conf + copy: src=certs dest=/etc/acertmgr/partdb.binary-kitchen.de.conf notify: Run acertmgr - name: Configure vhosts diff --git a/roles/prosody/tasks/main.yml b/roles/prosody/tasks/main.yml index 0b676ab..caa1162 100644 --- a/roles/prosody/tasks/main.yml +++ b/roles/prosody/tasks/main.yml @@ -32,7 +32,7 @@ notify: Restart prosody - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ prosody_domain }}_prosody.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ prosody_domain }}_prosody.conf notify: Run acertmgr - name: Start saslauthd diff --git a/roles/pvessl/tasks/main.yml b/roles/pvessl/tasks/main.yml index 0e7a458..d7d89ed 100644 --- a/roles/pvessl/tasks/main.yml +++ b/roles/pvessl/tasks/main.yml @@ -4,7 +4,7 @@ include_role: name=acme-dnskey-generate - name: Configure certificate manager - template: src=certs.j2 dest=/etc/acme/domains.d/{{ ansible_fqdn }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ ansible_fqdn }}.conf notify: Run acertmgr - name: Configure vhosts diff --git a/roles/racktables/tasks/main.yml b/roles/racktables/tasks/main.yml index 16e474a..ba4c8b1 100644 --- a/roles/racktables/tasks/main.yml +++ b/roles/racktables/tasks/main.yml @@ -38,7 +38,7 @@ - "{{ racktables_domain }}" - name: Configure certificate manager for racktables - template: src=certs.j2 dest=/etc/acme/domains.d/{{ racktables_domain }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ racktables_domain }}.conf notify: Run acertmgr - name: Configure vhost diff --git a/roles/radius/tasks/main.yml b/roles/radius/tasks/main.yml index 61b430c..4ae1976 100644 --- a/roles/radius/tasks/main.yml +++ b/roles/radius/tasks/main.yml @@ -19,7 +19,7 @@ - "{{ radius_cn }}" - name: Configure certificate manager for radius - template: src=certs.j2 dest=/etc/acme/domains.d/{{ radius_hostname }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ radius_hostname }}.conf notify: Run acertmgr - name: Create DH parameters diff --git a/roles/slapd/tasks/main.yml b/roles/slapd/tasks/main.yml index fa68d34..d8e3562 100644 --- a/roles/slapd/tasks/main.yml +++ b/roles/slapd/tasks/main.yml @@ -39,7 +39,7 @@ - "{{ slapd_san }}" - name: Configure certificate manager for slapd - template: src=certs.j2 dest=/etc/acme/domains.d/{{ slapd_hostname }}.conf + template: src=certs.j2 dest=/etc/acertmgr/{{ slapd_hostname }}.conf notify: Run acertmgr - name: Start slapd diff --git a/roles/web/tasks/main.yml b/roles/web/tasks/main.yml index 8d92dc3..983bb99 100644 --- a/roles/web/tasks/main.yml +++ b/roles/web/tasks/main.yml @@ -24,7 +24,7 @@ notify: Restart nginx - name: Configure certificate manager - copy: src=certs dest=/etc/acme/domains.d/www.binary-kitchen.de.conf + copy: src=certs dest=/etc/acertmgr/www.binary-kitchen.de.conf notify: Run acertmgr - name: Configure vhosts