Skip to content

Wildcard certs #387

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Mstiekema wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Wildcard certs #387

Mstiekema wants to merge 4 commits into from

Conversation

@Mstiekema
Copy link
Member

@Mstiekema Mstiekema commented Apr 4, 2022

Yay! Very nice! I think everything is fixed with this, just have to run all the updated tasks to make sure all the subdomains are still working with the wildcard cert.

Maybe we can also destory a bit of the websites.yml with this PR? Who knows? Only time will tell..

@Mstiekema
Copy link
Member Author

Mstiekema commented Apr 4, 2022

IMPORTANT: Merijn please run the proper roles for make sure it works xoxo

@Riscky
Copy link
Member

Riscky commented Apr 5, 2022

This seems to fail for https://dev.svsticky.nl/ (The certificate is only valid for *.dev.svsticky.nl.). Do we need to request 2 separate certificates?

@Mstiekema
Copy link
Member Author

Mstiekema commented Apr 6, 2022

Do we need to request 2 separate certificates?

Nope, I only had to add the hostname as a seperate domain to the certbot command and poof it's working

@Mstiekema
Copy link
Member Author

Mstiekema commented Apr 6, 2022

TODO: Create a loop to request certs for *.domain.com and domain.com for the following sites:

  • svsticky.nl
  • savadaba.nl
  • execut.nl
  • dgdarc.com

@Riscky Riscky mentioned this pull request Jun 8, 2022
Open
@Riscky Riscky linked an issue Jun 8, 2022 that may be closed by this pull request
Request wildcard certificates #406
Open
Riscky
Riscky reviewed Jun 20, 2022
View reviewed changes
ansible/roles/certbot/tasks/main.yml
--cert-name {{ item }}
--dns-digitalocean
--dns-digitalocean-credentials /etc/letsencrypt/certbot-creds.ini
--domain "*.{% if 'staging' in group_names %}dev.{% endif %}{{ item }}"
Copy link
Member

@Riscky Riscky Jun 20, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note: to make this work, every domain should get an extra domain record (dev.domainame pointing to the staging server).

@SilasPeters SilasPeters added enhancement Proposes (changes to) a feature maintainability labels Oct 30, 2023
@SilasPeters SilasPeters mentioned this pull request Aug 11, 2024
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@Riscky Riscky Riscky left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

enhancement Proposes (changes to) a feature maintainability

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Request wildcard certificates

4 participants

@Mstiekema @Riscky @SilasPeters