acertmgr: migrate from legacy paths

2019-05-20 19:49:08 +02:00 · 2019-05-20 19:49:08 +02:00 · 4ee7c6ad16
commit 4ee7c6ad16
parent 17f25f2c32
16 changed files with 17 additions and 18 deletions
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@ -2,7 +2,7 @@
 acertmgr_mode: webdir
-acme_dnskey_file: /etc/acme/nsupdate.key
+acme_dnskey_file: /etc/acertmgr/nsupdate.key
 acme_dnskey_server: neon.binary-kitchen.net
 dns_axfr_ips:
--- a/roles/acertmgr/templates/acertmgr.conf.j2
+++ b/roles/acertmgr/templates/acertmgr.conf.j2
@ -2,5 +2,4 @@
 mode: {{ acertmgr_mode }}
 webdir: /var/www/acme-challenge/
-ttl_days: 30
+authority_tos_agreement: true
 authority: "https://acme-v01.api.letsencrypt.org"
--- a/roles/acme-dnskey-generate/defaults/main.yml
+++ b/roles/acme-dnskey-generate/defaults/main.yml
@ -1,5 +1,5 @@
 ---
-acme_dnskey_file: /etc/acme/nsupdate.key
+acme_dnskey_file: /etc/acertmgr/nsupdate.key
 acme_dnskey_algorithm: hmac-sha512
 acme_dnskey_server: neon.binary-kitchen.net
--- a/roles/bk-dss/tasks/main.yml
+++ b/roles/bk-dss/tasks/main.yml
@ -34,7 +34,7 @@
  notify: Restart nginx
 - name: Configure certificate manager
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ dss_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ dss_domain }}.conf
  notify: Run acertmgr
 - name: Configure vhosts
--- a/roles/gogs/tasks/main.yml
+++ b/roles/gogs/tasks/main.yml
@ -33,7 +33,7 @@
  notify: Restart nginx
 - name: Configure certificate manager for gogs
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ gogs_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ gogs_domain }}.conf
  notify: Run acertmgr
 - name: Configure vhost
--- a/roles/hackmd/tasks/main.yml
+++ b/roles/hackmd/tasks/main.yml
@ -71,7 +71,7 @@
  notify: Restart nginx
 - name: Configure certificate manager for hackmd
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ hackmd_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ hackmd_domain }}.conf
  notify: Run acertmgr
 - name: Configure vhost
--- a/roles/librenms/tasks/main.yml
+++ b/roles/librenms/tasks/main.yml
@ -59,7 +59,7 @@
    - "{{ librenms_domain }}"
 - name: Configure certificate manager for librenms
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ librenms_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ librenms_domain }}.conf
  notify: Run acertmgr
 - name: Configure vhost
--- a/roles/mail/tasks/main.yml
+++ b/roles/mail/tasks/main.yml
@ -143,11 +143,11 @@
  - default/spamassassin
 - name: Configure certificate manager
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ mail_server }}_mail.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ mail_server }}_mail.conf
  notify: Run acertmgr
 - name: Configure certificate manager for mailman
-  template: src=mailman/certs.j2 dest=/etc/acme/domains.d/{{ mailman_domain }}_mailman.conf
+  template: src=mailman/certs.j2 dest=/etc/acertmgr/{{ mailman_domain }}_mailman.conf
  notify: Run acertmgr
 - name: Start amavis
--- a/roles/owncloud/tasks/main.yml
+++ b/roles/owncloud/tasks/main.yml
@ -31,7 +31,7 @@
  notify: Restart nginx
 - name: Configure certificate manager for owncloud
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ owncloud_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ owncloud_domain }}.conf
  notify: Run acertmgr
 - name: Create vhost directory
--- a/roles/partdb/tasks/main.yml
+++ b/roles/partdb/tasks/main.yml
@ -16,7 +16,7 @@
  notify: Restart nginx
 - name: Configure certificate manager
-  copy: src=certs dest=/etc/acme/domains.d/partdb.binary-kitchen.de.conf
+  copy: src=certs dest=/etc/acertmgr/partdb.binary-kitchen.de.conf
  notify: Run acertmgr
 - name: Configure vhosts
--- a/roles/prosody/tasks/main.yml
+++ b/roles/prosody/tasks/main.yml
@ -32,7 +32,7 @@
  notify: Restart prosody
 - name: Configure certificate manager
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ prosody_domain }}_prosody.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ prosody_domain }}_prosody.conf
  notify: Run acertmgr
 - name: Start saslauthd
--- a/roles/pvessl/tasks/main.yml
+++ b/roles/pvessl/tasks/main.yml
@ -4,7 +4,7 @@
  include_role: name=acme-dnskey-generate
 - name: Configure certificate manager
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ ansible_fqdn }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ ansible_fqdn }}.conf
  notify: Run acertmgr
 - name: Configure vhosts
--- a/roles/racktables/tasks/main.yml
+++ b/roles/racktables/tasks/main.yml
@ -38,7 +38,7 @@
    - "{{ racktables_domain }}"
 - name: Configure certificate manager for racktables
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ racktables_domain }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ racktables_domain }}.conf
  notify: Run acertmgr
 - name: Configure vhost
--- a/roles/radius/tasks/main.yml
+++ b/roles/radius/tasks/main.yml
@ -19,7 +19,7 @@
    - "{{ radius_cn }}"
 - name: Configure certificate manager for radius
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ radius_hostname }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ radius_hostname }}.conf
  notify: Run acertmgr
 - name: Create DH parameters
--- a/roles/slapd/tasks/main.yml
+++ b/roles/slapd/tasks/main.yml
@ -39,7 +39,7 @@
    - "{{ slapd_san }}"
 - name: Configure certificate manager for slapd
-  template: src=certs.j2 dest=/etc/acme/domains.d/{{ slapd_hostname }}.conf
+  template: src=certs.j2 dest=/etc/acertmgr/{{ slapd_hostname }}.conf
  notify: Run acertmgr
 - name: Start slapd
--- a/roles/web/tasks/main.yml
+++ b/roles/web/tasks/main.yml
@ -24,7 +24,7 @@
  notify: Restart nginx
 - name: Configure certificate manager
-  copy: src=certs dest=/etc/acme/domains.d/www.binary-kitchen.de.conf
+  copy: src=certs dest=/etc/acertmgr/www.binary-kitchen.de.conf
  notify: Run acertmgr
 - name: Configure vhosts