65e53499f5
Currently Let's Encrypt is using `haproxy_bind_external_lb_vip_address` to identify naming of resulting certificate which might not match with expectations, as all other parts of code already do use `haproxy_vip_binds` for calculating resulting TLS path. This patch introduces `type` key for `haproxy_vip_binds` which is used to identify for which frontends Let's Encrypt certificate should be used as in most scenarios it's not gonna be issued for "internal" VIPs anyway due to dns-01 requirement. Also moving to single "source of truth" for VIP bindings allows to override and have control over this behaviour. Change-Id: Id07d9a0ea270d613b37b6adfa373d01a47f7421f |
||
|---|---|---|
| .. | ||
| debian.yml | ||
| main.yml | ||
| redhat.yml | ||