Playbook #5

/home/zuul/src/opendev.org/opendev/system-config/playbooks/letsencrypt.yaml

Report Status CLI Date Duration Controller User Versions Hosts Plays Tasks Results Files Records
18 Jul 2025 20:47:32 +0000 00:00:24.78 bridge99.opendev.org root Ansible 2.15.13 ara 1.7.2 (client), 1.7.2 (server) Python 3.10.12 2 5 47 47 33 0
check:False tags:all

File: /home/zuul/src/opendev.org/opendev/system-config/playbooks/letsencrypt.yaml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
# This needs to happen in order.  letsencrypt hosts export their TXT
# authentication records which is installed onto adns1, and then the
# hosts verify to issue/renew keys
- hosts: "certcheck:!disabled"
  roles:
    - install-certcheck
- hosts: "letsencrypt:!disabled"
  name: "Deploy and renew certificates"
  roles:
    - letsencrypt-acme-sh-install
    - letsencrypt-request-certs
- hosts: "adns-primary:!disabled"
  name: "Install txt records"
  roles:
    - letsencrypt-install-txt-record
- hosts: "letsencrypt:!disabled"
  name: "Create certs"
  roles:
    - letsencrypt-create-certs
- hosts: "certcheck:!disabled"
  roles:
    - letsencrypt-config-certcheck