Changelog¶
ganto.acme_tiny
This project adheres to Semantic Versioning and human-readable changelog.
The current role maintainer is ganto.
ganto.acme_tiny master - unreleased¶
ganto.acme_tiny v1.0.0 - 2022-06-26¶
Added¶
Makefile
for building documentation
Changed¶
- Update intermediate CA certificate to ‘Let’s Encrypt R3’
- Don’t add Root CA certificate to certificate chain
- Fix user check condition to be compatible with Ansible 2.10
- Fix ignored variable
acme_tiny__cert_symlink
when checking if certificate symlinks should be made - Fix bug where the RSA private key file system group was updated in case the
certificate was generated for a service defined in
acme_tiny__service
which resulted in theacme_tiny__user_name
not being able to read the key anymore. - Update full path of systemctl path used to restart services after
certificate updates from
/usr/bin
to/bin
to be compatible with more Linux distributions such as Debian. - Reload instead of restart services after certificate update
- Use Ansible
openssl_privatekey
module instead of openssl to generate RSA private key - Use fully qualified collection name (FQCN) for Ansible modules
- Require Ansible version 2.8
ganto.acme_tiny v0.1.4 - 2020-06-23¶
Changed¶
- Fix
search
filter converted to test in Ansible 2.9
ganto.acme_tiny v0.1.3 - 2019-11-30¶
Changed¶
- Fix
changed
filter removed in Ansible 2.9
ganto.acme_tiny v0.1.2 - 2019-09-07¶
Added¶
- New variable
acme_tiny__cert_backup
allows to disable backup of existing certificates. Defaults toTrue
.
Changed¶
- Don’t overwrite existing certificate when running
acme-tiny
. First create a temporary file and only copy certificate in place after validation.
ganto.acme_tiny v0.1.1 - 2018-09-23¶
Added¶
- New variable
acme_tiny__ca_directory_url
which allows customization of certificate authority directory URL. Defaults to “Let’s Encrypt”.
Changed¶
- Switch “Let’s Encrypt Authority X3” intermediate certificate from IdenTrust cross-signed to ISRG Root X1 signed, as this CA is now accepted by all major browsers.
- Enable customization of certificate chain via
acme_tiny__ca_chain
configuration variable.