From bb73d28c05e5fb76136416dce471bf864b0e5d47 Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Mon, 16 Mar 2020 09:09:47 -0500
Subject: [PATCH] websites/darkchestofwonders.us: Use Lego cert

---
 .certs                                                       | 2 +-
 certs/websites/darkchestofwonders.us.cer                     | 1 +
 certs/websites/darkchestofwonders.us.key                     | 1 +
 roles/websites/darkchestofwonders.us/meta/main.yml           | 4 ----
 .../templates/darkchestofwonders.us.httpd.conf.j2            | 4 ++--
 websites.yml                                                 | 5 +++++
 6 files changed, 10 insertions(+), 7 deletions(-)
 create mode 120000 certs/websites/darkchestofwonders.us.cer
 create mode 120000 certs/websites/darkchestofwonders.us.key
 delete mode 100644 roles/websites/darkchestofwonders.us/meta/main.yml

diff --git a/.certs b/.certs
index 7685cdd..654b52b 160000
--- a/.certs
+++ b/.certs
@@ -1 +1 @@
-Subproject commit 7685cddf5200f168e26df2cf2b2863bc3e9dadb5
+Subproject commit 654b52b6080c1a54b6466ac9cdc00da8d2c910d9
diff --git a/certs/websites/darkchestofwonders.us.cer b/certs/websites/darkchestofwonders.us.cer
new file mode 120000
index 0000000..e43d027
--- /dev/null
+++ b/certs/websites/darkchestofwonders.us.cer
@@ -0,0 +1 @@
+../lego/darkchestofwonders.us.crt
\ No newline at end of file
diff --git a/certs/websites/darkchestofwonders.us.key b/certs/websites/darkchestofwonders.us.key
new file mode 120000
index 0000000..9a68b66
--- /dev/null
+++ b/certs/websites/darkchestofwonders.us.key
@@ -0,0 +1 @@
+../lego/darkchestofwonders.us.key
\ No newline at end of file
diff --git a/roles/websites/darkchestofwonders.us/meta/main.yml b/roles/websites/darkchestofwonders.us/meta/main.yml
deleted file mode 100644
index a90199a..0000000
--- a/roles/websites/darkchestofwonders.us/meta/main.yml
+++ /dev/null
@@ -1,4 +0,0 @@
-dependencies:
-- role: certbot
-  certbot_domains:
-  - darkchestofwonders.us
diff --git a/roles/websites/darkchestofwonders.us/templates/darkchestofwonders.us.httpd.conf.j2 b/roles/websites/darkchestofwonders.us/templates/darkchestofwonders.us.httpd.conf.j2
index d0a62bd..8034de2 100644
--- a/roles/websites/darkchestofwonders.us/templates/darkchestofwonders.us.httpd.conf.j2
+++ b/roles/websites/darkchestofwonders.us/templates/darkchestofwonders.us.httpd.conf.j2
@@ -16,8 +16,8 @@ RewriteRule (.*) https://%{SERVER_NAME}$1 [R=301,L]
 ServerName darkchestofwonders.us
 
 Include conf.d/ssl.include
-SSLCertificateKeyFile /var/lib/letsencrypt/live/darkchestofwonders.us/privkey.pem
-SSLCertificateFile /var/lib/letsencrypt/live/darkchestofwonders.us/fullchain.pem
+SSLCertificateKeyFile /etc/pki/tls/private/darkchestofwonders.us.key
+SSLCertificateFile /etc/pki/tls/certs/darkchestofwonders.us.cer
 
 <IfModule mod_headers.c>
 	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
diff --git a/websites.yml b/websites.yml
index 7f6be03..be89b63 100644
--- a/websites.yml
+++ b/websites.yml
@@ -25,6 +25,11 @@
     tags: websites/ebonfire.com
   - role: websites/nratonpass.com
     tags: websites/nratonpass.com
+  - role: cert
+    cert_src: websites/darkchestofwonders.us.cer
+    cert_dest: /etc/pki/tls/certs/darkchestofwonders.us.cer
+    cert_key_src: websites/darkchestofwonders.us.key
+    cert_key_dest: /etc/pki/tls/private/darkchestofwonders.us.key
   - role: websites/darkchestofwonders.us
     tags: websites/darkchestofwonders.us
   - role: cert