diff options
author | Egor Tensin <egor@tensin.name> | 2023-12-26 21:38:37 +0100 |
---|---|---|
committer | Egor Tensin <egor@tensin.name> | 2023-12-26 21:50:04 +0100 |
commit | ccfa4cb18d764ce2e4ef02545c829eaa0296ecf0 (patch) | |
tree | 33f691d1c97153d01063fae8e925cf880df1e923 /roles/letsencrypt | |
parent | v2.0.1 (diff) | |
download | infra-ansible-ccfa4cb18d764ce2e4ef02545c829eaa0296ecf0.tar.gz infra-ansible-ccfa4cb18d764ce2e4ef02545c829eaa0296ecf0.zip |
letsencrypt: don't sort SANs
Sort them in the /etc status file only, for consistency. This should
allow users to supply the SANs in custom order, preserving the intended
main certificate domain (or whatever the technical term is).
Diffstat (limited to 'roles/letsencrypt')
-rw-r--r-- | roles/letsencrypt/tasks/domain.yml | 2 | ||||
-rw-r--r-- | roles/letsencrypt/templates/domain_list.txt.j2 | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/letsencrypt/tasks/domain.yml b/roles/letsencrypt/tasks/domain.yml index bc6e581..0ff74e9 100644 --- a/roles/letsencrypt/tasks/domain.yml +++ b/roles/letsencrypt/tasks/domain.yml @@ -2,7 +2,7 @@ become: true vars: certificate_name: '{{ domain.name | default(domain) }}' - certificate_domains: "{{ domain.domains | default([certificate_name]) | sort | unique }}" + certificate_domains: "{{ domain.domains | default([certificate_name]) | unique }}" block: - name: Cache domain list ansible.builtin.template: diff --git a/roles/letsencrypt/templates/domain_list.txt.j2 b/roles/letsencrypt/templates/domain_list.txt.j2 index d37e0bd..4641e2f 100644 --- a/roles/letsencrypt/templates/domain_list.txt.j2 +++ b/roles/letsencrypt/templates/domain_list.txt.j2 @@ -2,6 +2,6 @@ {{ letsencrypt_email }} {{ letsencrypt_credentials_ini }} -{% for domain in certificate_domains %} +{% for domain in certificate_domains | sort %} {{ domain }} {% endfor %} |