roles/certbot: Ensure certbot is configured first
The `Alias` configuration for Certbot needs to be configured before any other locations, to ensure the `/.well-known` path is always served from the local filesystem. If another drop-in configuration file (e.g. `bitwarden.conf`) is ordered before it, it may override this configuration and prevent Let's Encrypt from working.jenkins-master
parent
fb352cc920
commit
2914bdb73c
|
|
@ -55,9 +55,14 @@
|
||||||
- name: ensure apache is configured for certbot
|
- name: ensure apache is configured for certbot
|
||||||
copy:
|
copy:
|
||||||
src=certbot.httpd.conf
|
src=certbot.httpd.conf
|
||||||
dest=/etc/httpd/conf.d/certbot.conf
|
dest=/etc/httpd/conf.d/01_certbot.conf
|
||||||
mode=0644
|
mode=0644
|
||||||
notify: reload httpd
|
notify: reload httpd
|
||||||
|
- name: ensure old certbot apache config file is removed
|
||||||
|
file:
|
||||||
|
path=/etc/httpd/conf.d/certbot.conf
|
||||||
|
state=absent
|
||||||
|
notify: reload httpd
|
||||||
- meta: flush_handlers
|
- meta: flush_handlers
|
||||||
|
|
||||||
- name: ensure letsencrypt account data are installed
|
- name: ensure letsencrypt account data are installed
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue