Allow extra parameters to be passed to certbot

When setting up certbot for the first time, many extra parameters are available. This new variable allows these to be passed. A typical example is passing --staging in order to use the letsencrypt staging endpoint rather than the production one. Change-Id: I42f9e1f68c3a3533a3377f37063f4924cdf77bd6
2020-04-23 18:16:22 +01:00
parent f35867466c
commit 04932a7c74
2 changed files with 2 additions and 0 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -83,6 +83,7 @@ haproxy_ssl_letsencrypt_download_url: "https://dl.eff.org/certbot-auto"
 haproxy_ssl_letsencrypt_venv: "/opt/eff.org/certbot/venv"
 haproxy_ssl_letsencrypt_config_path: "/etc/letsencrypt/live"
 haproxy_ssl_letsencrypt_install_path: "/opt/letsencrypt"
+haproxy_ssl_letsencrypt_setup_extra_params: ""
 haproxy_ssl_letsencrypt_cron_minute: "0"
 haproxy_ssl_letsencrypt_cron_hour: "0"
 haproxy_ssl_letsencrypt_cron_weekday: "0"
--- a/tasks/haproxy_ssl_letsencrypt.yml
+++ b/tasks/haproxy_ssl_letsencrypt.yml
@@ -59,6 +59,7 @@
    --rsa-key-size 4096
    --email {{ haproxy_ssl_letsencrypt_email }}
    --domains {{ external_lb_vip_address }}
+    {{ haproxy_ssl_letsencrypt_setup_extra_params }}
  args:
    creates: "{{ haproxy_ssl_letsencrypt_config_path }}/{{ external_lb_vip_address }}-0001/fullchain.pem"