b5266ea20c
This creates the redirect sites git.airshipit.org git.openstack.org git.starlingx.io git.zuul-ci.org The htaccess rules are put into the main configuration file to avoid having to create a directory and manage another file. We use a macro to duplicate the rules and retain the old semantics of the http site redirecting directly (as opposed to doing a extra 301 to https://git.openstack.org first). This required adding "/" to the "^" matches as it now runs in VirtualHost context; no functional change is intended over the old sites. This will require _acme-challenge CNAMEs to acme.opendev.org before being merged. testinfra is updated to exercise some redirects matching against the results of the extant sites. Change-Id: Iaa9d5dc2af3f5f8abc11c2312e4308b50f5fcd2b
Generate letsencrypt certificates
This must run after the letsencrypt-install-acme-sh,
letsencrypt-request-certs and
letsencrypt-install-txt-records roles. It will run the
acme.sh process to create the certificates on the host.
Role Variables
If set to True, will locally generate self-signed certificates in the same locations the real script would, instead of contacting letsencrypt. This is set during gate testing as the authentication tokens are not available.
If set to True will use the letsencrypt staging environment, rather than make production requests. Useful during initial provisioning of hosts to avoid affecting production quotas.
The same variable as described in
letsencrypt-request-certs.