Adding CertBot necessary configs

.gitmodules

@@ -7,3 +7,6 @@
 [submodule "roles/rp"]
 	path = roles/rp
 	url = gitlab@git.laquadrature.net:lqdn-interne/piops-roles/rp.git
+[submodule "roles/alternc"]
+	path = roles/alternc
+	url = gitlab@git.laquadrature.net:lqdn-interne/piops-roles/alternc.git

ansible.cfg

 [defaults]
 inventory = hosts
 retry_files_enabled = False
+vault_password_file = .password
 
 [diff]
 always = yes

host_vars/pi3.lqdn.fr.yml

@@ -52,7 +52,7 @@ wordpress_wildcard_keyfile: /etc/letsencrypt/live/grange.dev.lqdn.fr/privkey.pem
 
 wordpress_vhost:
     - servername: "grange.dev.lqdn.fr"
-      serveralias: "*.grange.dev.lqdn.fr"
+      serveralias: "\*.grange.dev.lqdn.fr"
       documentroot: "{{ wordpress_path }}"
       allow_override: "All"
       #certificate_file: "{{ wordpress_wildcard_certfile }}"
@@ -63,12 +63,20 @@ wordpress_vhost:
 
 
 
-#certbot_create_command: "{{ certbot_script }} certonly --webroot --webrootpath /var/www/letsencrypt/ --noninteractive --agree-tos --email {{ cert_item.email | default(certbot_admin_email) }} -d {{ cert_item.domains | join(,)"
+certbot_create_method: standalone
+certbot_create_standalone_stop_services:
+    - apache2
 
-#certbot_certs:
-#    - domains:
-#        - "grange.dev.lqdn.fr"
-#        - "*.grange.dev.lqdn.fr"
+certbot_create_command: "{{ certbot_script }} certonly --noninteractive --manual --agree-tos --email {{ cert_item.email | default(certbot_admin_email) }} --server https://acme-v02.api.letsencrypt.org/directory --manual-public-ip-logging-ok --preferred-challenges=dns --agree-tos --manual-auth-hook /usr/local/bin/certbot-auth.php --manual-cleanup-hook /usr/local/bin/certbot-cleanup.php -d {{cert_item.domains | join(',') }}"
+
+certbot_certs:
+    - domains:
+        - "grange.dev.lqdn.fr"
+        - "*.grange.dev.lqdn.fr"
+      email: "okhin@laquadrature.net"
+
+certbot_create_if_missing: True
+certbot_admin_email: okhin@laquadrature.net
 
 rp_path: /srv/rp
 rp_source_path: /srv/rp/rp-rp2
@@ -89,7 +97,7 @@ rp_vhost:
       serveralias: "rp2.dev.lqdn.fr rp.dev.laquadrature.net rp2.dev.laquadrature.net"
       documentroot: "{{ rp_path }}"
       uwsgi:
-          socket: /run/uwsgi/app/rp/socket
+          socket: /run/uwsgi/app/rp2/socket
       statics:
           - alias: /static/
             path: "{{ rp_source_path }}/static/static_root/"
@@ -102,3 +110,17 @@ nodejs_packages_update_cache: no
 npm_packages:
     - yarn
     - webpack
+
+# Altern-C configuration
+alternc_username: pi
+alternc_password: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          36646462633066656439643964376532663562346630333534386366313135303562373464316662
+          3064366534356637623139343132343665623034346239330a643230396666396262383464323266
+          33353037656233326262343939303064653962303364343361396661393762323666333538663838
+          3934383264643161340a623232333162366163623839663930356262636166313563313638393432
+          6261
+alternc_panel_url: https://pi.lqdn.fr/
+alternc_token_file: /root/.alternc-token
+alternc_token_url: "{{ alternc_panel_url }}api/auth/login?login={{ alternc_username }}&password={{ alternc_password | trim }}&duration=3650"
+alternc_domain_root: lqdn.fr

alternc @ 839880e2

+Subproject commit 839880e2e2adcfdead58dde5a7c1b1dbc3ff9da6

rp @ b0b7629d

-Subproject commit 1b52ee2a2d8d92644011c3e146a55926ddc67087
+Subproject commit b0b7629dbee68e166b32becd071b8fc61d2acf69

site.yml

@@ -11,6 +11,7 @@
       - role: geerlingguy.mysql
       - role: geerlingguy.php
       - role: geerlingguy.php-mysql
+      - role: alternc
       - role: geerlingguy.certbot
       - role: geerlingguy.apache
         vars: