From ec1ad67ecc363802c0a1312afe767905cacb8fcf Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Wed, 30 Aug 2023 19:11:53 +0200
Subject: fix variable usage in x509 roles

---
 roles/x509/acmetool/cert/prepare/defaults/main.yml |  1 +
 roles/x509/acmetool/cert/prepare/tasks/main.yml    | 10 +++++-----
 2 files changed, 6 insertions(+), 5 deletions(-)

(limited to 'roles/x509/acmetool/cert')

diff --git a/roles/x509/acmetool/cert/prepare/defaults/main.yml b/roles/x509/acmetool/cert/prepare/defaults/main.yml
index d4eb7c86..1765a557 100644
--- a/roles/x509/acmetool/cert/prepare/defaults/main.yml
+++ b/roles/x509/acmetool/cert/prepare/defaults/main.yml
@@ -1,2 +1,3 @@
 ---
 acmetool_cert_hostnames: "{{ x509_certificate_hostnames }}"
+acmetool_cert_name: "{{ x509_certificate_name | default(acmetool_cert_hostnames[0]) }}"
diff --git a/roles/x509/acmetool/cert/prepare/tasks/main.yml b/roles/x509/acmetool/cert/prepare/tasks/main.yml
index 2db332b8..df034e9d 100644
--- a/roles/x509/acmetool/cert/prepare/tasks/main.yml
+++ b/roles/x509/acmetool/cert/prepare/tasks/main.yml
@@ -47,13 +47,13 @@
   - name: install custom hook script
     template:
       src: reload.sh.j2
-      dest: "/etc/acme/hooks/{{ x509_certificate_name }}"
+      dest: "/etc/acme/hooks/{{ acmetool_cert_name }}"
       mode: 0755
 
   - name: install acmetool systemd unit snippet
     when: "'install' in x509_certificate_renewal"
     copy:
-      dest: "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf"
+      dest: "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf"
       content: |
         [Service]
         {% for path in (x509_certificate_renewal.install | map(attribute='dest') | map('dirname') | unique | list) %}
@@ -64,15 +64,15 @@
   - name: remove acmetool systemd unit snippet
     when: "'install' not in x509_certificate_renewal"
     file:
-      path: "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf"
+      path: "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf"
       state: absent
     notify: reload systemd
 
 - name: remove custom renewal script
   when: x509_certificate_renewal is not defined
   loop:
-  - "/etc/systemd/system/acmetool.service.d/{{ x509_certificate_name }}.conf"
-  - "/etc/acme/hooks/{{ x509_certificate_name }}"
+  - "/etc/systemd/system/acmetool.service.d/{{ acmetool_cert_name }}.conf"
+  - "/etc/acme/hooks/{{ acmetool_cert_name }}"
   file:
     path: "{{ item }}"
     state: absent
-- 
cgit v1.2.3