From 55c45c6f3d0118ca5431e52592ea2062aadfa66e Mon Sep 17 00:00:00 2001 From: Ryan Cavicchioni Date: Sun, 14 Apr 2024 17:54:33 -0500 Subject: [PATCH] Replace certbot with lego --- group_vars/stats_servers/main.yaml | 5 ++--- roles/dl/defaults/main.yaml | 4 ++-- roles/gitea/defaults/main.yaml | 6 ++++-- roles/grafana/defaults/main.yaml | 4 ++-- roles/prometheus/defaults/main.yaml | 4 ++-- 5 files changed, 12 insertions(+), 11 deletions(-) diff --git a/group_vars/stats_servers/main.yaml b/group_vars/stats_servers/main.yaml index ef736ad..b96de90 100644 --- a/group_vars/stats_servers/main.yaml +++ b/group_vars/stats_servers/main.yaml @@ -24,9 +24,8 @@ grafana_config: http_port: "{{ grafana_port }}" grafana_ssl_enabled: true -grafana_ssl_certificate: "/etc/letsencrypt/live/{{ grafana_domain }}/fullchain.pem" -grafana_ssl_certificate_key: "/etc/letsencrypt/live/{{ grafana_domain }}/privkey.pem" -# grafana_ssl_dhparam: "/etc/letsencrypt/ssl-dhparams.pem" +grafana_ssl_certificate: "/var/lib/lego/certificates/{{ grafana_domain }}.crt" +grafana_ssl_certificate_key: "/var/lib/lego/certificates/{{ grafana_domain }}.key" grafana_datasources: apiVersion: 1 diff --git a/roles/dl/defaults/main.yaml b/roles/dl/defaults/main.yaml index 5420d2f..6273d05 100644 --- a/roles/dl/defaults/main.yaml +++ b/roles/dl/defaults/main.yaml @@ -4,5 +4,5 @@ dl_server_root: /var/www/dl dl_access_log: /var/log/nginx/dl.access.log dl_error_log: /var/log/nginx/dl.error.log dl_ssl_enabled: false -dl_ssl_certificate: "/etc/letsencrypt/live/{{ dl_server_name }}/fullchain.pem" -dl_ssl_certificate_key: "/etc/letsencrypt/live/{{ dl_server_name }}/privkey.pem" +dl_ssl_certificate: "/var/lib/lego/certificates/{{ dl_server_name }}.crt" +dl_ssl_certificate_key: "/var/lib/lego/certificates/{{ dl_server_name }}.key" diff --git a/roles/gitea/defaults/main.yaml b/roles/gitea/defaults/main.yaml index 77e7cc8..59b114a 100644 --- a/roles/gitea/defaults/main.yaml +++ b/roles/gitea/defaults/main.yaml @@ -53,6 +53,8 @@ gitea_config: colorize: no service: register_manual_confirm: true + metrics: + enabled: true gitea_var_tree: - "{{ gitea_var_path }}" @@ -62,6 +64,6 @@ gitea_var_tree: - "{{ gitea_var_path }}/backup" gitea_ssl_enabled: yes -gitea_ssl_certificate: "/etc/letsencrypt/live/{{ gitea_domain }}/fullchain.pem" -gitea_ssl_certificate_key: "/etc/letsencrypt/live/{{ gitea_domain }}/privkey.pem" +gitea_ssl_certificate: "/var/lib/lego/certificates/{{ gitea_domain }}.crt" +gitea_ssl_certificate_key: "/var/lib/lego/certificates/{{ gitea_domain }}.key" #gitea_ssl_dhparam: "/etc/letsencrypt/ssl-dhparams.pem" diff --git a/roles/grafana/defaults/main.yaml b/roles/grafana/defaults/main.yaml index 0745987..f9f869c 100644 --- a/roles/grafana/defaults/main.yaml +++ b/roles/grafana/defaults/main.yaml @@ -26,8 +26,8 @@ grafana_config: http_port: "{{ grafana_port }}" grafana_ssl_enabled: true -grafana_ssl_certificate: "/etc/letsencrypt/live/{{ grafana_domain }}/fullchain.pem" -grafana_ssl_certificate_key: "/etc/letsencrypt/live/{{ grafana_domain }}/privkey.pem" +grafana_ssl_certificate: "/var/lib/lego/certificates/{{ grafana_domain }}.crt" +grafana_ssl_certificate_key: "/var/lib/lego/certificates/{{ grafana_domain }}.key" # grafana_ssl_dhparam: "/etc/letsencrypt/ssl-dhparams.pem" diff --git a/roles/prometheus/defaults/main.yaml b/roles/prometheus/defaults/main.yaml index e504416..b5f174d 100644 --- a/roles/prometheus/defaults/main.yaml +++ b/roles/prometheus/defaults/main.yaml @@ -39,8 +39,8 @@ prometheus_bin_path: /usr/local/bin prometheus_ssl_enabled: true prometheus_hostname: "{{ prometheus_web_external_url | urlsplit('hostname') }}" -prometheus_ssl_certificate: "/etc/letsencrypt/live/{{ prometheus_hostname }}/fullchain.pem" -prometheus_ssl_certificate_key: "/etc/letsencrypt/live/{{ prometheus_hostname }}/privkey.pem" +prometheus_ssl_certificate: "/var/lib/lego/certificates/{{ prometheus_hostname }}.crt" +prometheus_ssl_certificate_key: "/var/lib/lego/certificates/{{ prometheus_hostname }}.key" prometheus_alertmanager_enabled: true