From e35b653af987ae57dac7525d669cb02bf0a4a545 Mon Sep 17 00:00:00 2001 From: Beth Date: Fri, 28 Mar 2025 14:59:36 -0500 Subject: [PATCH 1/6] initial ipa-server config --- playbook_templates/ipa.actcur.com | 5 +++++ var_files/certbot/ipa.actcur.com | 7 +++++++ 2 files changed, 12 insertions(+) create mode 100644 playbook_templates/ipa.actcur.com create mode 100644 var_files/certbot/ipa.actcur.com diff --git a/playbook_templates/ipa.actcur.com b/playbook_templates/ipa.actcur.com new file mode 100644 index 0000000..8a8a53c --- /dev/null +++ b/playbook_templates/ipa.actcur.com @@ -0,0 +1,5 @@ +role:core:v1.2:core +role:certbot:v1.1:common,certbot +role:ipa-server:testing:workload,ipa-server + +# end of file diff --git a/var_files/certbot/ipa.actcur.com b/var_files/certbot/ipa.actcur.com new file mode 100644 index 0000000..c727b51 --- /dev/null +++ b/var_files/certbot/ipa.actcur.com @@ -0,0 +1,7 @@ +--- +# vars file for certbot on ipa.actcur.com + +domains: + - domain: ipa.actcur.com + +# end of file \ No newline at end of file -- 2.49.0 From 89a00d05ebfee41dacfb9a953f64e59ae10b2d75 Mon Sep 17 00:00:00 2001 From: Beth Date: Fri, 28 Mar 2025 15:33:25 -0500 Subject: [PATCH 2/6] move certbot after ipa-server to resolve port issue - should be moved back after firewall role is built --- playbook_templates/ipa.actcur.com | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/playbook_templates/ipa.actcur.com b/playbook_templates/ipa.actcur.com index 8a8a53c..b5e8a88 100644 --- a/playbook_templates/ipa.actcur.com +++ b/playbook_templates/ipa.actcur.com @@ -1,5 +1,5 @@ role:core:v1.2:core -role:certbot:v1.1:common,certbot role:ipa-server:testing:workload,ipa-server +role:certbot:v1.1:common,certbot # end of file -- 2.49.0 From e7b63d74be88e29e82945f69944d3d923524f933 Mon Sep 17 00:00:00 2001 From: Beth Date: Fri, 28 Mar 2025 16:40:32 -0500 Subject: [PATCH 3/6] temporarily remove certbot for testing --- playbook_templates/ipa.actcur.com | 1 - 1 file changed, 1 deletion(-) diff --git a/playbook_templates/ipa.actcur.com b/playbook_templates/ipa.actcur.com index b5e8a88..bdfe9ab 100644 --- a/playbook_templates/ipa.actcur.com +++ b/playbook_templates/ipa.actcur.com @@ -1,5 +1,4 @@ role:core:v1.2:core role:ipa-server:testing:workload,ipa-server -role:certbot:v1.1:common,certbot # end of file -- 2.49.0 From 239167f478a45be271063336fc512c60a857b1ff Mon Sep 17 00:00:00 2001 From: Beth Date: Fri, 28 Mar 2025 16:43:37 -0500 Subject: [PATCH 4/6] readded certbot --- playbook_templates/ipa.actcur.com | 1 + 1 file changed, 1 insertion(+) diff --git a/playbook_templates/ipa.actcur.com b/playbook_templates/ipa.actcur.com index bdfe9ab..b5e8a88 100644 --- a/playbook_templates/ipa.actcur.com +++ b/playbook_templates/ipa.actcur.com @@ -1,4 +1,5 @@ role:core:v1.2:core role:ipa-server:testing:workload,ipa-server +role:certbot:v1.1:common,certbot # end of file -- 2.49.0 From 02b0a7dd0ceb8a094e1cbb1eb739ca26e46bcc7f Mon Sep 17 00:00:00 2001 From: Beth Date: Sat, 29 Mar 2025 22:12:38 -0500 Subject: [PATCH 5/6] Added ipa2 --- playbook_templates/ipa2.actcur.com | 5 +++++ var_files/certbot/ipa2.actcur.com | 7 +++++++ 2 files changed, 12 insertions(+) create mode 100644 playbook_templates/ipa2.actcur.com create mode 100644 var_files/certbot/ipa2.actcur.com diff --git a/playbook_templates/ipa2.actcur.com b/playbook_templates/ipa2.actcur.com new file mode 100644 index 0000000..b5e8a88 --- /dev/null +++ b/playbook_templates/ipa2.actcur.com @@ -0,0 +1,5 @@ +role:core:v1.2:core +role:ipa-server:testing:workload,ipa-server +role:certbot:v1.1:common,certbot + +# end of file diff --git a/var_files/certbot/ipa2.actcur.com b/var_files/certbot/ipa2.actcur.com new file mode 100644 index 0000000..7585cd6 --- /dev/null +++ b/var_files/certbot/ipa2.actcur.com @@ -0,0 +1,7 @@ +--- +# vars file for certbot on ipa.actcur.com + +domains: + - domain: ipa2.actcur.com + +# end of file \ No newline at end of file -- 2.49.0 From af12d63c44392cb0eb9b22178d3075650f728e85 Mon Sep 17 00:00:00 2001 From: Beth Date: Sat, 29 Mar 2025 22:53:05 -0500 Subject: [PATCH 6/6] removed certbot from ipa2 - use self-signed certs for non-primary to reduce chance of catastropic failure --- playbook_templates/ipa2.actcur.com | 1 - 1 file changed, 1 deletion(-) diff --git a/playbook_templates/ipa2.actcur.com b/playbook_templates/ipa2.actcur.com index b5e8a88..bdfe9ab 100644 --- a/playbook_templates/ipa2.actcur.com +++ b/playbook_templates/ipa2.actcur.com @@ -1,5 +1,4 @@ role:core:v1.2:core role:ipa-server:testing:workload,ipa-server -role:certbot:v1.1:common,certbot # end of file -- 2.49.0