34f153b139
Currently the role will run against all target hosts, and it is possible that the calling playbook runs with a serial: setting to control how many hosts are targetted simultaneously. However, this is not sufficient to guarantee that each potential haproxy server requests a LetsEncrypt certificate sequentially. It is only possible for the loadbalancer to direct the challenge from the ACME server to one certbot instance at a time, so this patch enforces serialisation of the initial certificate generation regardless of the number of target hosts and setting of serial: outside this role. Change-Id: If8ae64bc01510d3570fa4c554463bd6121b21f86 |
||
---|---|---|
.. | ||
haproxy_install.yml | ||
haproxy_post_install.yml | ||
haproxy_pre_install.yml | ||
haproxy_service_config.yml | ||
haproxy_ssl_letsencrypt.yml | ||
main.yml |