From ecc2e9a69f4613de0fe849f67d4e179b77b59b51 Mon Sep 17 00:00:00 2001 From: Ian Wienand Date: Tue, 29 Nov 2022 13:11:51 +1100 Subject: [PATCH] letsencrypt: pin acme.sh to 3.0.5 We've been running against the dev branch of acme.sh since the initial commit of the letsencrypt work -- at the time I feel like there were things we needed that weren't in a release. Anyway, there is now an issue causing ECC certificates to be made and failing to renew [1] which we can't work-around. Pin this to the current release. It would probably be good to pin this to the "latest" release to avoid us forgetting to ever bump this and ending up with even harder to debug bit-rot. [1] https://github.com/acmesh-official/acme.sh/issues/4416 Change-Id: I0d07ba1b5ab77e07c67ad990e7bc78a9f90005a4 --- playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml b/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml index b771cd1656..2db5c2cf97 100644 --- a/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml +++ b/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml @@ -2,7 +2,7 @@ git: repo: https://github.com/acmesh-official/acme.sh dest: /opt/acme.sh - version: dev + version: 3.0.5 register: clone_acmesh_result until: clone_acmesh_result is not failed retries: 3