Skip to content

Commit 68fb247

Browse files
kinioukiniou
committed
refactor: use domains' setname as --cert-name option
Certbot has the ability to name a certificate with the --cert-name option. This allows us for instance to refers to this same setname to other configuration and then further automate virtualhost creation in nginx or apache. BREAKING CHANGE: Since this domains' setname was not used, the path was named after the first domain in the domains set. In order to keep using this workflow, you need to rename the setname with the first domain in the list like the following: ``` letsencrypt: domains: foo.example.com: - foo.example.com ```
1 parent 1c6135a commit 68fb247

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

letsencrypt/domains.sls

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -41,8 +41,8 @@
4141
# represent SubjectAlternativeNames
4242
create-initial-cert-{{ setname }}-{{ domainlist | join('+') }}:
4343
cmd.run:
44-
- unless: {{ check_cert_cmd }} {{ domainlist[0] }}
45-
- name: {{ create_cert_cmd }} certonly --quiet -d {{ domainlist|join(' -d ') }} --non-interactive
44+
- unless: {{ check_cert_cmd }} {{ setname }}
45+
- name: {{ create_cert_cmd }} certonly --quiet --cert-name {{ setname }} -d {{ domainlist|join(' -d ') }} --non-interactive
4646
{% if not letsencrypt.use_package %}
4747
- cwd: {{ letsencrypt.cli_install_dir }}
4848
{% endif %}
@@ -70,14 +70,14 @@ letsencrypt-crontab-{{ setname }}-{{ domainlist[0] }}:
7070
- file: {{ renew_cert_cmd }}
7171
{% endif %}
7272
73-
create-fullchain-privkey-pem-for-{{ domainlist[0] }}:
73+
create-fullchain-privkey-pem-for-{{ setname }}:
7474
cmd.run:
7575
- name: |
76-
cat {{ letsencrypt.config_dir.path }}/live/{{ domainlist[0] }}/fullchain.pem \
77-
{{ letsencrypt.config_dir.path }}/live/{{ domainlist[0] }}/privkey.pem \
78-
> {{ letsencrypt.config_dir.path }}/live/{{ domainlist[0] }}/fullchain-privkey.pem && \
79-
chmod 600 {{ letsencrypt.config_dir.path }}/live/{{ domainlist[0] }}/fullchain-privkey.pem
80-
- creates: {{ letsencrypt.config_dir.path }}/live/{{ domainlist[0] }}/fullchain-privkey.pem
76+
cat {{ letsencrypt.config_dir.path }}/live/{{ setname }}/fullchain.pem \
77+
{{ letsencrypt.config_dir.path }}/live/{{ setname }}/privkey.pem \
78+
> {{ letsencrypt.config_dir.path }}/live/{{ setname }}/fullchain-privkey.pem && \
79+
chmod 600 {{ letsencrypt.config_dir.path }}/live/{{ setname }}/fullchain-privkey.pem
80+
- creates: {{ letsencrypt.config_dir.path }}/live/{{ setname }}/fullchain-privkey.pem
8181
- require:
8282
- cmd: create-initial-cert-{{ setname }}-{{ domainlist | join('+') }}
8383

0 commit comments

Comments
 (0)