Fix the path of the letsencrypt certificates.

2024-11-28 17:51:44 +01:00 · 2024-11-28 17:51:44 +01:00 · 6712574bd6
parent d36c88673c
commit 6712574bd6
2 changed files with 3 additions and 3 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -125,9 +125,9 @@ psql_streaming_replication_config:
 psql_enable_ssl: false
 psql_force_ssl_client_connection: false
 postgresql_letsencrypt_managed: '{% if letsencrypt_acme_install is defined and letsencrypt_acme_install %}true{% else %}false{% endif %}'
-psql_ssl_privkey_global_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{{ ansible_fqdn }}/privkey{% else %}{{ pki_dir }}/keys/{{ ansible_fqdn}}-key.pem{% endif %}'
+psql_ssl_privkey_global_file: '{% if postgresql_letsencrypt_managed %}{{ letsencrypt_acme_sh_certificates_install_path }}/privkey{% else %}{{ pki_dir }}/keys/{{ ansible_fqdn}}-key.pem{% endif %}'
 psql_ssl_privkey_file: /etc/pki/postgresql/postgresql.key
-psql_ssl_cert_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{{ ansible_fqdn }}/fullchain{% else %}{{ pki_dir }}/certs/{{ ansible_fqdn}}.pem{% endif %}'
+psql_ssl_cert_file: '{% if postgresql_letsencrypt_managed %}{{ letsencrypt_acme_sh_certificates_install_path }}/fullchain{% else %}{{ pki_dir }}/certs/{{ ansible_fqdn}}.pem{% endif %}'
 # In CentOS/RHEL is /etc/pki/tls/cert.pem
 psql_ssl_ca_file: '/etc/ssl/certs/ca-certificates.crt'
 psql_conf_ssl_parameters: 
--- a/templates/postgresql-letsencrypt-acme.sh.j2
+++ b/templates/postgresql-letsencrypt-acme.sh.j2
@ -2,7 +2,7 @@
 H_NAME=$( hostname -f )
 LE_SERVICES_SCRIPT_DIR=/usr/lib/acme/hooks
-LE_CERTS_DIR=/var/lib/acme/live/$H_NAME
+LE_CERTS_DIR={{ letsencrypt_acme_sh_certificates_install_path }}
 LE_LOG_DIR=/var/log/letsencrypt
 POSTGRESQL_CERTDIR=/etc/pki/postgresql
 POSTGRESQL_KEYFILE=$POSTGRESQL_CERTDIR/postgresql.key