7ce0d0fb32
Add this host for serving content from AFS. The _acme-challenge.governance.openstack.org _acme-challenge.security.openstack.org CNAMES should be in place for creating the certificates (added with Ie1b92f06b71aa6069fe831b26ba1cc272ce4562c). Also add a cert for the base server (static.opendev.org) since we added the DNS entries for it. Change-Id: I55e0ac7487b02f9a816ac486ed01b73f82b391a5 Story: #2006598 Task: #37757 Depends-On: https://review.opendev.org/704469
Generate letsencrypt certificates
This must run after the letsencrypt-install-acme-sh,
letsencrypt-request-certs and
letsencrypt-install-txt-records roles. It will run the
acme.sh process to create the certificates on the host.
Role Variables
If set to True, will locally generate self-signed certificates in the same locations the real script would, instead of contacting letsencrypt. This is set during gate testing as the authentication tokens are not available.
If set to True will use the letsencrypt staging environment, rather than make production requests. Useful during initial provisioning of hosts to avoid affecting production quotas.
The same variable as described in
letsencrypt-request-certs.