opendev
/
system-config
Code Issues Proposed changes
system-config/playbooks/roles/letsencrypt-install-txt-record
History
Ian Wienand bdc56b1caf letsencrypt-install-txt-record: pause after adding TXT records 
The rdnc reload should notify the child nameservers which will update
quickly, but for general sanity pause 1 minute to allow for
propagation of the added authentication records before continuing.

Change-Id: Ic0f9398e056df77c96824eff8215395947997d82
 		2020-10-30 16:49:31 +11:00
..
tasks letsencrypt-install-txt-record: pause after adding TXT records 2020-10-30 16:49:31 +11:00
templates letsencrypt : use date call for serial number 2019-05-22 16:41:51 +10:00
README.rst letsencrypt support 2019-04-02 15:31:41 +11:00

README.rst

Install authentication records for letsencrypt

Install TXT records to the acme.opendev.org domain. This role runs only the adns server, and assumes ownership of the /var/lib/bind/zones/acme.opendev.org/zone.db file. After installation the nameserver is refreshed.

After this, letsencrypt-create-certs can run on each host to provision the certificates.

Role Variables

A global dictionary of TXT records to be installed. This is generated in a prior step on each host by the letsencrypt-request-certs role.