ansible: use letsencrypt renew vs. asking for a new cert every 12 hours

author Alfredo Deza <adeza@redhat.com>

Mon, 8 Aug 2016 19:02:20 +0000 (15:02 -0400)

committer Alfredo Deza <adeza@redhat.com>

Mon, 8 Aug 2016 19:29:41 +0000 (15:29 -0400)
author Alfredo Deza <adeza@redhat.com>
Mon, 8 Aug 2016 19:02:20 +0000 (15:02 -0400)
committer Alfredo Deza <adeza@redhat.com>
Mon, 8 Aug 2016 19:29:41 +0000 (15:29 -0400)
diff --git a/ansible/roles/nginx/tasks/letsencrypt.yml b/ansible/roles/nginx/tasks/letsencrypt.yml

index 4edcf980c4555cde9f5b93503e39a800c700d862..7fad662a428f39d82b0abf759c103dfe6876a667 100644 (file)
--- a/ansible/roles/nginx/tasks/letsencrypt.yml
+++ b/ansible/roles/nginx/tasks/letsencrypt.yml
@@ -42,9 +42,9 @@
  - name: setup a cron to renew the SSL cert every day
    cron:
      name: "renew letsencrypt cert for {{ item.app_name }}"
-    minute: "0"
+    minute: "21"
      hour: "6,18"
-    job: "letsencrypt certonly --webroot -w {{ ssl_webroot_base_path }}/{{ item.fqdn }} -d {{ item.fqdn }} --email {{ ssl_support_email }} --agree-tos --renew-by-default"
+    job: "letsencrypt renew"
    sudo: yes
    with_items: nginx_hosts
author	Alfredo Deza <adeza@redhat.com>
	Mon, 8 Aug 2016 19:02:20 +0000 (15:02 -0400)
committer	Alfredo Deza <adeza@redhat.com>
	Mon, 8 Aug 2016 19:29:41 +0000 (15:29 -0400)