Closed mgedmin closed 4 years ago
mgedmin
commented
4 years ago Yes, I noticed that apache configs were redirect-only.
(I was checking to see if the pycon.lt postfix virtual map was managed by ansible when I noticed this playbook, and I became worried it might downgrade my certbot in /opt/letsencrypt to something ancient, hence this PR.)
sirex
commented
4 years ago pycon.lt posfix virtual map is not managed by ansible. Since this is an open repository, probably it is not a good idea, to expose all the emails here?
mgedmin
commented
4 years ago That sounds sensible.
install certbot and certbot-apache instead of letsencrypt and letsencrypt-apache (they're the same thing, renamed in 2016): https://community.letsencrypt.org/t/new-name-certbot-for-python-lets-encrypt-client/15688
using with_items to install multiple items for apt/pip modules was deprecated in Ansible 2.7: https://docs.ansible.com/ansible/latest/porting_guides/porting_guide_2.7.html#using-a-loop-on-a-package-module-via-squash-actions
remove an unused handler that used an undefined variable, to avoid confusion
make ansible-playbook --check runs not return spurious 'changed' results from deficiencies of the pip module: https://github.com/ansible/ansible/issues/29895
add an ansible.cfg that specifies the default inventory file, for convenience (you still have to specify username and whether you want to use --become on the command line)