ansible-letsencrypt
ansible-letsencrypt copied to clipboard
nickjj
Adapted for multiple certs
The current one doesn't take into account if you have multiple certs. The cronjob gets overwritten every time your run the role with a new cert. Now one job is created for each cert. I also randomized the starting minute, so we don't hit a rate-limiter for some reason....
Isn't this still going to create 1 cronjob total? It's just picking off the first domain name from the list instead of having a hard coded file name.
I have my playbook like this:
- role: nginx-letsencrypt
letsencrypt_domains: [example1.org, www.example1.org]
- role: nginx-letsencrypt
letsencrypt_domains: [example2.se, www.example2.se]
- role: nginx-letsencrypt
letsencrypt_domains: [rss.example3.org]
That creates three different cronjobs
#Ansible: renew SSL certificates for example1.org
24 0 1 * * /usr/local/acme-tiny/example1.org-renew_certificate.sh
#Ansible: renew SSL certificates for example2.se
12 0 1 * * /usr/local/acme-tiny/example2.se-renew_certificate.sh
#Ansible: renew SSL certificates for rss.example3.org
44 0 1 * * /usr/local/acme-tiny/rss.example3.org-renew_certificate.sh
I see.
That's not really adapting it for multiple certificates. That's running the role more than once with a unique file name.
I thought you were going to internally create a loop in this role so this role only needs to be ran once.
The cron job ovewrite also happends when this script is used to install certificate in multiple installations and this patch fixes it, would be relley nice to have it merged, can I do something to move forward?
