aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles/letsencrypt
diff options
context:
space:
mode:
authorEgor Tensin <egor@tensin.name>2023-12-26 21:38:37 +0100
committerEgor Tensin <egor@tensin.name>2023-12-26 21:50:04 +0100
commitccfa4cb18d764ce2e4ef02545c829eaa0296ecf0 (patch)
tree33f691d1c97153d01063fae8e925cf880df1e923 /roles/letsencrypt
parentv2.0.1 (diff)
downloadinfra-ansible-ccfa4cb18d764ce2e4ef02545c829eaa0296ecf0.tar.gz
infra-ansible-ccfa4cb18d764ce2e4ef02545c829eaa0296ecf0.zip
letsencrypt: don't sort SANs
Sort them in the /etc status file only, for consistency. This should allow users to supply the SANs in custom order, preserving the intended main certificate domain (or whatever the technical term is).
Diffstat (limited to 'roles/letsencrypt')
-rw-r--r--roles/letsencrypt/tasks/domain.yml2
-rw-r--r--roles/letsencrypt/templates/domain_list.txt.j22
2 files changed, 2 insertions, 2 deletions
diff --git a/roles/letsencrypt/tasks/domain.yml b/roles/letsencrypt/tasks/domain.yml
index bc6e581..0ff74e9 100644
--- a/roles/letsencrypt/tasks/domain.yml
+++ b/roles/letsencrypt/tasks/domain.yml
@@ -2,7 +2,7 @@
become: true
vars:
certificate_name: '{{ domain.name | default(domain) }}'
- certificate_domains: "{{ domain.domains | default([certificate_name]) | sort | unique }}"
+ certificate_domains: "{{ domain.domains | default([certificate_name]) | unique }}"
block:
- name: Cache domain list
ansible.builtin.template:
diff --git a/roles/letsencrypt/templates/domain_list.txt.j2 b/roles/letsencrypt/templates/domain_list.txt.j2
index d37e0bd..4641e2f 100644
--- a/roles/letsencrypt/templates/domain_list.txt.j2
+++ b/roles/letsencrypt/templates/domain_list.txt.j2
@@ -2,6 +2,6 @@
{{ letsencrypt_email }}
{{ letsencrypt_credentials_ini }}
-{% for domain in certificate_domains %}
+{% for domain in certificate_domains | sort %}
{{ domain }}
{% endfor %}