Commit 9d2591c9 authored by Debian's avatar Debian
Browse files

certs: trim securedrop.club specific comments

parent 44443ee4
---
- name: ensure that /usr/local/share/ca-certificates/securedrop.club exists
- name: ensure that /usr/local/share/ca-certificates/infrastructure exists
file:
path: /usr/local/share/ca-certificates/securedrop.club
path: /usr/local/share/ca-certificates/infrastructure
state: directory
- name: Install certs
copy:
src: "files/certs/{{ item }}"
dest: "/usr/local/share/ca-certificates/securedrop.club/{{ item | replace('.pem', '.crt') }}"
dest: "/usr/local/share/ca-certificates/infrastructure/{{ item | replace('.pem', '.crt') }}"
with_items: "{{ certs }}"
notify: update certs
---
- name: Uninstall certs
file:
path: "/usr/local/share/ca-certificates/securedrop.club/{{ item | replace('.pem', '.crt') }}"
path: "/usr/local/share/ca-certificates/infrastructure/{{ item | replace('.pem', '.crt') }}"
state: absent
with_items: "{{ certs }}"
notify: update certs
......@@ -20,7 +20,7 @@
- server_name {{ inventory_hostname }}.{{ domain }}
- root /var/www/html
- role: certbot-nginx
admins_email: devnull@securedrop.club
admins_email: devnull@infrastructure
vhost_fqdn: "{{ inventory_hostname }}.{{ domain }}"
certbot_redirect: true
with_fake_LE: true
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment