ac2b661cf2
We are doing this so that we can cleanup the private network + floating IP setup that the existing mirror does. Once this new mirror is up and happy we can cname to it and then clean up the old mirror and its networking config. We do this in order to save an IP that the current private network router is consuming. Depends-On: https://review.opendev.org/c/opendev/zone-opendev.org/+/787628 Change-Id: I50c311087c6c28726e36913c7e081f3b3d0ee049
Generate letsencrypt certificates
This must run after the letsencrypt-install-acme-sh,
letsencrypt-request-certs and
letsencrypt-install-txt-records roles. It will run the
acme.sh process to create the certificates on the host.
Role Variables
If set to True, will locally generate self-signed certificates in the same locations the real script would, instead of contacting letsencrypt. This is set during gate testing as the authentication tokens are not available.
If set to True will use the letsencrypt staging environment, rather than make production requests. Useful during initial provisioning of hosts to avoid affecting production quotas.
The same variable as described in
letsencrypt-request-certs.