system-config/playbooks/roles/letsencrypt-create-certs
Monty Taylor b23515c623 Make a new dockerized etherpad.opendev.org
Upstream likes building the settings file into the image, but that's
less exciting, let's bind-mount ours in.

Depends-On: https://review.opendev.org/717491/
Change-Id: Ia1894d884ef2a84e1282345b77fe07bf8898f367
2020-04-07 11:10:57 -05:00
..
defaults letsencrypt: split staging and self-signed generation 2019-04-10 08:47:32 +10:00
handlers Make a new dockerized etherpad.opendev.org 2020-04-07 11:10:57 -05:00
tasks letsencrypt: force renewal on certificate change 2020-02-28 11:49:06 +11:00
README.rst letsencrypt: split staging and self-signed generation 2019-04-10 08:47:32 +10:00

Generate letsencrypt certificates

This must run after the letsencrypt-install-acme-sh, letsencrypt-request-certs and letsencrypt-install-txt-records roles. It will run the acme.sh process to create the certificates on the host.

Role Variables

If set to True, will locally generate self-signed certificates in the same locations the real script would, instead of contacting letsencrypt. This is set during gate testing as the authentication tokens are not available.

If set to True will use the letsencrypt staging environment, rather than make production requests. Useful during initial provisioning of hosts to avoid affecting production quotas.

The same variable as described in letsencrypt-request-certs.