-
-
Notifications
You must be signed in to change notification settings - Fork 351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide setting to use staging server #23
Comments
Thinking about this, it might be a good idea to have this in a configuration file. This allows easy changes w/o breaking cron jobs, etc. But this wouldn't be limited to the https://certbot.eff.org/docs/using.html#configuration-file Certbot has a lot of possible settings, so I think it is inappropriate to introduce role variables for all of them. Instead I propose adding a single role variable What do you think? Would be nice to have a design decision. Maybe I find time to work on this afterwards. |
Yeah, definitely! I'll take a look at the PR (noting that I'd rather not merge until we can find a way to make it pass tests). |
Ok, that's fine. While I still think this is out of scope of the PR, because the failed tests stem from the changed Ansible behavior, I would add commits to work around this if you tell me how it should look like. |
Just giving a second pass here—I still do like the idea, but one thing that may help in many cases is to have test/non-public environments generate a self-signed cert instead. That's how I've been building my prod/test splits lately, since it allows things to work even without public internet access. |
This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution! Please read this blog post to see the reasons why I mark issues as stale. |
This is still an issue. |
This issue is no longer marked for closure. |
I do think we should allow the use of the staging environment (e.g. for CI, local testing, etc.), so will add a label to prevent stale bot from taking down this issue. |
It's easy to add support for |
For testing playbooks and roles, it would be reasonable to tell certbot to use the staging Let's Encrypt ACME server. Especially when #12 is implemented (and for the work on this as well) since one's test environment may not have valid domain names where legitimate certificates can be requested for.
On the first glance, introducing a
certbot_staging_server
setting and conditionally applying--staging
to certbot commands is easy. That may be enough but we should think of the cronjob and if this becomes inconsistent when the setting eventually changes.The text was updated successfully, but these errors were encountered: