Reworks lets encrypt script.

It now tries to install certbot instead os letsencrypt as it is no
longer available on arch linux under that name. It also adds --expand to
the commandline to allow adding new cnames to the certificate.

2 files changed, 6 insertions, 3 deletions

diff --git a/host_vars/alexstrasza/alexstrasza.yml b/host_vars/alexstrasza/alexstrasza.yml
index 32d9bd2..f693c5f 100644
--- a/host_vars/alexstrasza/alexstrasza.yml
+++ b/host_vars/alexstrasza/alexstrasza.yml
@@ -22,9 +22,12 @@ brentjes_data_folder: brentj.es-data
 lets_encrypt_domains:
   - www.brentj.es
   - brentj.es
-  - mail.brentj.es
   - www.alexstrasza.kassala.de
   - alexstrasza.kassala.de
+  - mail.brentj.es
+  - cgit.brentj.es
+  - phpmyadmin.brentj.es
+  - owncloud.brentj.es
 
 owncloud_database_user: owncloud
 mail_database_user: mail
diff --git a/roles/lets_encrypt/tasks/main.yml b/roles/lets_encrypt/tasks/main.yml
index 755f58d..066cda8 100644
--- a/roles/lets_encrypt/tasks/main.yml
+++ b/roles/lets_encrypt/tasks/main.yml
@@ -1,6 +1,6 @@
 - name: Install lets-encrypt
   become: yes
-  pacman: name=letsencrypt state=present update_cache=yes
+  pacman: name=certbot state=present update_cache=yes
 
 - name: stop webserver
   become: yes
@@ -9,7 +9,7 @@
 
 - name: validate domains
   become: yes
-  command: letsencrypt certonly --standalone --email dennis@brentj.es --agree-tos {% for domain in lets_encrypt_domains %}-d {{ domain }} {% endfor %}
+  command: certbot certonly --standalone --email dennis@brentj.es --agree-tos --expand {% for domain in lets_encrypt_domains %}-d {{ domain }} {% endfor %}
   tags:
     - production_only