opendev/system-config
Code Issues Proposed changes
f18e06e011
system-config/playbooks/roles/letsencrypt-install-txt-record
History
Ian Wienand ac55e08d05
letsencrypt: build txt record lists betterer 
These list constructions look wrong, in hindsight I'm not really sure
how it works.  Ansible 6 seems to barf on it.  Make this one evaluated
statement.

Change-Id: I2a5d4926221f758501f95a8689e4304f814f405f
2022-11-23 08:26:28 +11:00
..
tasks letsencrypt: build txt record lists betterer 2022-11-23 08:26:28 +11:00
templates letsencrypt : use date call for serial number 2019-05-22 16:41:51 +10:00
README.rst letsencrypt support 2019-04-02 15:31:41 +11:00

README.rst

Install authentication records for letsencrypt

Install TXT records to the acme.opendev.org domain. This role runs only the adns server, and assumes ownership of the /var/lib/bind/zones/acme.opendev.org/zone.db file. After installation the nameserver is refreshed.

After this, letsencrypt-create-certs can run on each host to provision the certificates.

Role Variables

A global dictionary of TXT records to be installed. This is generated in a prior step on each host by the letsencrypt-request-certs role.