source: main/waeup-ansible/letsencrypt.yml @ 16613

Last change on this file since 16613 was 16600, checked in by uli, 3 years ago

Update domain lists for letsencrypt certs.

We had some additions on h10 (uniben-specific subdomains), and an addition (new
school ecns) on h8.

File size: 1.7 KB
Line 
1---
2# This ansible-playbook installs letsencrypt certs
3#
4# What it does:
5#   - registers LE account
6#   - requests/creates first-time certificates
7#   - requests new certs if list of domains changed
8##
9# REVIEW/EDIT THE VARS BELOW BEFORE RUNNING!
10# ALL DOMAINS MUST BE REGISTERED FOR TARGET HOST IN DNS!
11# WHEN EXPANDING DOMAIN LIST, DO NOT CHANGE FIRST ENTRY!
12#
13# It will normally be run like this:
14#
15#  ansible-playbook -b -i h8.waeup.org, letsencrypt.yml
16#
17- hosts: h8.waeup.org
18  vars:
19    letsencrypt_email: 'uli@gnufix.de'
20    letsencrypt_domains: 'h8.waeup.org,waeup.org,www.waeup.org,git.waeup.org,svn.waeup.org,trac.waeup.org,aaue-trac.waeup.org,coewarri-trac.waeup.org,dspg-trac.waeup.org,edopoly-trac.waeup.org, fceokene-trac.waeup.org,iuokada-trac.waeup.org,moodle-trac.waeup.org,uniben-trac.waeup.org,v1.waeup.org,v2.waeup.org,v3.waeup.org,v4.waeup.org,v5.waeup.org,v6.waeup.org,v7.waeup.org,v8.waeup.org,elearning.waeup.org,gopinkdreams.com,www.gopinkdreams.com,kofaplus.com,www.kofaplus.com,aauelms.waeup.org,ecns-trac.waeup.org'
21    # set to true if you got some LE certs already, but the list of domains expanded
22    # if one or more domains are deleted, a NEW cert will be created instead of a RENEWED.
23    letsencrypt_expand_domains: true
24  roles:
25    - letsencrypt
26- hosts: h10.waeup.org
27  vars:
28    letsencrypt_email: 'uli@gnufix.de'
29    letsencrypt_domains: 'h10.waeup.org,uniben-alumni.waeup.org,uniben-cdl.waeup.org,unibenlms.waeup.org,d2.waeup.org,uniben-moodle.waeup.org,uniben.waeup.org,waeup.uniben.edu'
30    # set to true if you got some LE certs already, but the list of domains expanded
31    # if one or more domains are deleted, a NEW cert will be created instead of a RENEWED.
32    letsencrypt_expand_domains: true
33  roles:
34    - letsencrypt
Note: See TracBrowser for help on using the repository browser.