From 229fd0ec676625dc7b860095749403cb279c1b6b Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Fri, 19 May 2017 11:41:21 +0200
Subject: [PATCH] Allow to deactivate letsencrypt certs, i.e. while DNS is not
 available yet

---
 tasks/buildcerts.yml | 1 +
 tasks/main.yml       | 1 +
 2 files changed, 2 insertions(+)

diff --git a/tasks/buildcerts.yml b/tasks/buildcerts.yml
index 795febf..0a453a2 100644
--- a/tasks/buildcerts.yml
+++ b/tasks/buildcerts.yml
@@ -7,5 +7,6 @@
     dest='/etc/haproxy/certs/{{ item.domain }}.pem'
     regexp='(fullchain)|(privkey)\.pem'
   with_items: '{{ proxy_certificates_letsencrypt|default([]) }}'
+  when: item.active|default(true)
   notify:
     - "Restart HAProxy"
diff --git a/tasks/main.yml b/tasks/main.yml
index 73b369f..1eb9091 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -20,6 +20,7 @@
     with_items: '{{ proxy_certificates_letsencrypt|default([]) }}'
     loop_control:
       loop_var: domain
+    when: domain.active|default(true)
 
   - name: "Renew Existing Cert"
     include: '../../letsencrypt/tasks/renew.yml'
-- 
GitLab