1d386a57f5
This patch allows a certbot package from a distro repository to be used instead of the certbot-auto script. For ubuntu the distro package takes care of setting up all the necessary directories in /etc/letsencrypt and creates a systemd service for running the renewal. This avoids needing to manage those aspects of the installation in this ansible role. Change-Id: If7c5bcde299362bb3d2a136db659ca319e22e35b
8 lines
213 B
Django/Jinja
8 lines
213 B
Django/Jinja
#!/bin/bash
|
|
# renew cert if required and copy to haproxy destination
|
|
|
|
cat /etc/letsencrypt/live/{{ external_lb_vip_address }}/{fullchain,privkey}.pem \
|
|
> /etc/ssl/private/haproxy.pem
|
|
|
|
systemctl reload haproxy
|