Provision ethercalc LE cert

This runs the LE ansible alongside the ethercalc puppetry to get an LE
cert provision for this service. Once we are happy with the new cert we
can land the followup change to switch to the LE cert.

Note we don't add an altname for the host because that will require
extra DNS records in rax DNS.

Change-Id: I04c062eb994f672283aa30ffcc0c4d45fc8c50f6
This commit is contained in:
Clark Boylan 2021-05-21 16:03:06 -07:00
parent e77edd3169
commit 46edf8aeb0
3 changed files with 7 additions and 0 deletions

View File

@ -87,6 +87,7 @@ groups:
letsencrypt: letsencrypt:
- codesearch[0-9]*.opendev.org - codesearch[0-9]*.opendev.org
- etherpad[0-9]*.opendev.org - etherpad[0-9]*.opendev.org
- ethercalc[0-9]*.open*.org
- gitea[0-9]*.opendev.org - gitea[0-9]*.opendev.org
- graphite[0-9]*.opendev.org - graphite[0-9]*.opendev.org
- grafana[0-9]*.opendev.org - grafana[0-9]*.opendev.org

View File

@ -0,0 +1,3 @@
letsencrypt_certs:
ethercalc02-openstack-org-main:
- ethercalc.openstack.org

View File

@ -231,6 +231,9 @@
- name: letsencrypt updated etherpad01-opendev-org-main - name: letsencrypt updated etherpad01-opendev-org-main
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- name: letsencrypt updated ethercalc02-openstack-org-main
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
# We split out handlers for each gitea host as handlers should be run in order # We split out handlers for each gitea host as handlers should be run in order
# This allows us to do a rolling restart of the gitea backends. # This allows us to do a rolling restart of the gitea backends.
- name: letsencrypt updated gitea01-main - name: letsencrypt updated gitea01-main