openstack/openstack-ansible-haproxy_server
Code Issues Proposed changes

Use let's encrypt standalone flag only for http-01

Browse Source 
In case of using dns-01 challange deployers might want
to avoid using
standalone flag.

Change-Id: I3c6cfd7779e9ec9322e655cdda5bb6866bf695ca
Closes-Bug: #2006938
This commit is contained in:
Dmitriy Rabotyagov 2023-02-13 19:02:29 +01:00
parent 445b15f9c3
commit 908427222b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tasks/haproxy_ssl_letsencrypt.yml
View File

@ -69,7 +69,6 @@
--bind {{ haproxy_ssl_letsencrypt_certbot_bind_address }} || true && --bind {{ haproxy_ssl_letsencrypt_certbot_bind_address }} || true &&
{% endif %} {% endif %}
{{ haproxy_ssl_letsencrypt_certbot_binary }} certonly {{ haproxy_ssl_letsencrypt_certbot_binary }} certonly
--standalone
--agree-tos --agree-tos
--non-interactive --non-interactive
--text --text
@ -80,6 +79,7 @@
--server {{ haproxy_ssl_letsencrypt_certbot_server }} --server {{ haproxy_ssl_letsencrypt_certbot_server }}
{% endif %} {% endif %}
{% if haproxy_ssl_letsencrypt_certbot_challenge == 'http-01' %} {% if haproxy_ssl_letsencrypt_certbot_challenge == 'http-01' %}
--standalone
--http-01-port {{ haproxy_ssl_letsencrypt_certbot_backend_port }} --http-01-port {{ haproxy_ssl_letsencrypt_certbot_backend_port }}
--http-01-address {{ haproxy_ssl_letsencrypt_certbot_bind_address }} --http-01-address {{ haproxy_ssl_letsencrypt_certbot_bind_address }}
{% endif %} {% endif %}