From 46edf8aeb06c39f334be2fc066246e555fc0ba69 Mon Sep 17 00:00:00 2001 From: Clark Boylan Date: Fri, 21 May 2021 16:03:06 -0700 Subject: [PATCH] Provision ethercalc LE cert This runs the LE ansible alongside the ethercalc puppetry to get an LE cert provision for this service. Once we are happy with the new cert we can land the followup change to switch to the LE cert. Note we don't add an altname for the host because that will require extra DNS records in rax DNS. Change-Id: I04c062eb994f672283aa30ffcc0c4d45fc8c50f6 --- inventory/service/groups.yaml | 1 + inventory/service/host_vars/ethercalc02.openstack.org.yaml | 3 +++ playbooks/roles/letsencrypt-create-certs/handlers/main.yaml | 3 +++ 3 files changed, 7 insertions(+) create mode 100644 inventory/service/host_vars/ethercalc02.openstack.org.yaml diff --git a/inventory/service/groups.yaml b/inventory/service/groups.yaml index e98dfc4166..1e0461acd3 100644 --- a/inventory/service/groups.yaml +++ b/inventory/service/groups.yaml @@ -87,6 +87,7 @@ groups: letsencrypt: - codesearch[0-9]*.opendev.org - etherpad[0-9]*.opendev.org + - ethercalc[0-9]*.open*.org - gitea[0-9]*.opendev.org - graphite[0-9]*.opendev.org - grafana[0-9]*.opendev.org diff --git a/inventory/service/host_vars/ethercalc02.openstack.org.yaml b/inventory/service/host_vars/ethercalc02.openstack.org.yaml new file mode 100644 index 0000000000..0af31c876f --- /dev/null +++ b/inventory/service/host_vars/ethercalc02.openstack.org.yaml @@ -0,0 +1,3 @@ +letsencrypt_certs: + ethercalc02-openstack-org-main: + - ethercalc.openstack.org diff --git a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml index 7a276cd8f7..d04c4b65fe 100644 --- a/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml +++ b/playbooks/roles/letsencrypt-create-certs/handlers/main.yaml @@ -231,6 +231,9 @@ - name: letsencrypt updated etherpad01-opendev-org-main include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml +- name: letsencrypt updated ethercalc02-openstack-org-main + include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml + # We split out handlers for each gitea host as handlers should be run in order # This allows us to do a rolling restart of the gitea backends. - name: letsencrypt updated gitea01-main