Allow for certificates to be expanded to include new domains #208
Conversation
|
This pr has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! Please read this blog post to see the reasons why I mark issues as stale. |
|
I still believe this is a good addition, as well as the repo is marked as "Maintained?" on Jeff Geerling's Ansible Content |
|
Strongly support adding this, I just got in a real mess trying to add a domain to an existing certificate deployed by this role. Using the branch from this PR resolved my issue. |
|
This pr has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! Please read this blog post to see the reasons why I mark issues as stale. |
|
Still marked as maintained, keeping this open |
|
@geerlingguy Would you mind merging this? |
#49 has been stale since 2020 (but somehow not closed by the stale bot), and #180 and #171 were both closed by the stale bot.
In comparison to #180, this PR only adds
--expandif explicitly set to do it with a new var,certbot_expand, as well as letting certbot handle parsing of existing domains instead of handling it through ansible.We also check if any changes were made when running
certbotby checking if its output contains "no action taken" or not instead of trying to save any state, keeping the entire role stateless.We removed the task "Check if certificate already exists." because as mentioned above, certbot will gracefully handle if the cert already exists, and we check for that by looking for the aforementioned string.