diff --git a/roles/certificates/defaults/main.yml b/roles/certificates/defaults/main.yml index c301646f3..cf3a49f22 100644 --- a/roles/certificates/defaults/main.yml +++ b/roles/certificates/defaults/main.yml @@ -6,6 +6,7 @@ certificates: - name: default - name: main + - name: _ # Do not recreate the certificates by default, # unless they are not valid diff --git a/roles/certificates/tasks/dns-facts.yml b/roles/certificates/tasks/dns-facts.yml index 7cc93a24d..175d1bc36 100644 --- a/roles/certificates/tasks/dns-facts.yml +++ b/roles/certificates/tasks/dns-facts.yml @@ -31,6 +31,17 @@ tags: certs - name: Chheck if the DNS server is resolving correctly + when: certificate.name == '_' + register: host_test + shell: >- + host {{ lookup('random_string') }}.{{ network.domain }} + {{ dns_servers[0] }} | grep {{ fqdn | regex_escape }} + ignore_errors: true + changed_when: false + tags: dns + +- name: Chheck if the DNS server is resolving correctly + when: certificate.name != '_' register: host_test shell: >- host {{ certificate.name }}.{{ network.domain }}
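Review bot: The `- name: _` entry added to `certificates` is a sentinel rather than a host label, and nothing in defaults/main.yml says so. Judging by the `certificate.name == '_'` branch in tasks/dns-facts.yml, it appears to stand for a wildcard record; if so, every deployment that keeps these defaults now gets that entry, which is a wider certificate scope than the two named hosts. A comment above the line, for example `# '_' is a placeholder for the wildcard entry; handled specially in tasks/dns-facts.yml`, would tell operators what it is and that they can override the list. Other tasks in the role that build a hostname from `certificate.name` are outside this diff and may need the same special case.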
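Review bot: Both `Chheck if the DNS server is resolving correctly` tasks register `host_test`, and Ansible still writes a registered variable when a task is skipped by `when`, so for `certificate.name == '_'` the new probe's result is overwritten by the skipped result of the task after it. Whatever reads `host_test` later (outside this hunk) would then never see a failed wildcard lookup; giving the new task its own variable, e.g. `register: wildcard_host_test`, or folding both cases into one task avoids that. The new `shell` line also interpolates `lookup('random_string')`, `network.domain`, `dns_servers[0]` and the `regex_escape` output unquoted. If the lookup is community.general's `random_string`, its default output includes special characters that the shell will interpret and that are not valid in a DNS label, and the backslashes from `regex_escape` are consumed by the shell before grep sees them. Passing each value through `| quote` and limiting the random label to letters and digits would make the check deterministic; the `Chheck` typo in the task name is also copied into the new task.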