From 7f8e39ebd4a86b975e138ab498a8cc2c6004b586 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Mon, 28 Jul 2025 18:53:58 -0500
Subject: [PATCH] websites: chmod777.sh: Switch to mod_md for cert

The _chmod777.sh_ site now obtains its certificate from Let's
Encrypt using the Apache _mod_md_ (managed domain) module.  This
dramatically simplifies the deployment of this certificate, eliminating
the need for _cert-manager_ to obtain it, _cert-exporter_ to add it to
_certs.git_, and Jenkins to push it out to the web server.
---
 certs/websites/chmod777.sh.cer                          | 1 -
 certs/websites/chmod777.sh.key                          | 1 -
 roles/websites/chmod777.sh/files/chmod777.sh.httpd.conf | 5 ++---
 roles/websites/chmod777.sh/meta/main.yml                | 9 ---------
 4 files changed, 2 insertions(+), 14 deletions(-)
 delete mode 120000 certs/websites/chmod777.sh.cer
 delete mode 120000 certs/websites/chmod777.sh.key
 delete mode 100644 roles/websites/chmod777.sh/meta/main.yml

diff --git a/certs/websites/chmod777.sh.cer b/certs/websites/chmod777.sh.cer
deleted file mode 120000
index d61d946..0000000
--- a/certs/websites/chmod777.sh.cer
+++ /dev/null
@@ -1 +0,0 @@
-../logo/chmod777.sh.crt
\ No newline at end of file
diff --git a/certs/websites/chmod777.sh.key b/certs/websites/chmod777.sh.key
deleted file mode 120000
index f4cee85..0000000
--- a/certs/websites/chmod777.sh.key
+++ /dev/null
@@ -1 +0,0 @@
-../logo/chmod777.sh.key
\ No newline at end of file
diff --git a/roles/websites/chmod777.sh/files/chmod777.sh.httpd.conf b/roles/websites/chmod777.sh/files/chmod777.sh.httpd.conf
index 30f74ec..607b3f6 100644
--- a/roles/websites/chmod777.sh/files/chmod777.sh.httpd.conf
+++ b/roles/websites/chmod777.sh/files/chmod777.sh.httpd.conf
@@ -6,17 +6,16 @@ RewriteEngine On
 RewriteRule (.*) https://%{SERVER_NAME}$1 [R=301,L]
 </VirtualHost>
 
+MDomain chmod777.sh
+
 <VirtualHost _default_:443>
 ServerName chmod777.sh
-ServerAlias blog.chmod777.sh www.chmod777.sh
 
 RewriteEngine On
 RewriteCond %{SERVER_NAME} !^chmod777\.sh
 RewriteRule (.*) https://chmod777.sh$2 [R=301,L]
 
 Include conf.d/ssl.include
-SSLCertificateKeyFile /etc/pki/tls/private/chmod777.sh.key
-SSLCertificateFile /etc/pki/tls/certs/chmod777.sh.cer
 
 <IfModule mod_headers.c>
 	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
diff --git a/roles/websites/chmod777.sh/meta/main.yml b/roles/websites/chmod777.sh/meta/main.yml
deleted file mode 100644
index 23a3cf9..0000000
--- a/roles/websites/chmod777.sh/meta/main.yml
+++ /dev/null
@@ -1,9 +0,0 @@
-dependencies:
-- role: cert
-  vars:
-    cert_src: websites/chmod777.sh.cer
-    cert_dest: /etc/pki/tls/certs/chmod777.sh.cer
-    cert_key_src: websites/chmod777.sh.key
-    cert_key_dest: /etc/pki/tls/private/chmod777.sh.key
-  tags:
-  - websites/chmod777.sh
\ No newline at end of file