From 92f28d85fec255fdfab55ba19153a07d09c8629b Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Mon, 3 May 2021 11:44:59 +0200
Subject: [PATCH] certbot: configure remote servers

---
 certbot/defaults/main.yml | 2 ++
 certbot/tasks/main.yml    | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/certbot/defaults/main.yml b/certbot/defaults/main.yml
index 99f02e15..2d198b43 100644
--- a/certbot/defaults/main.yml
+++ b/certbot/defaults/main.yml
@@ -2,3 +2,5 @@
 
 certbot_work_dir: /var/lib/letsencrypt
 certbot_custom_crontab: True
+
+certbot_hooks_sync_remote_servers: []
\ No newline at end of file
diff --git a/certbot/tasks/main.yml b/certbot/tasks/main.yml
index 54c1f803..0e65beda 100644
--- a/certbot/tasks/main.yml
+++ b/certbot/tasks/main.yml
@@ -29,6 +29,13 @@
     owner: root
     group: root
 
+- name: "sync_remote is configured with servers"
+  lineinfile:
+    dest: /etc/letsencrypt/renewal-hooks/deploy/sync_remote.cf
+    regexp: "^servers\b"
+    line: "servers=\"{{ certbot_hooks_sync_remote_servers | join(' ') }}\""
+    create: yes
+
 - name: Move commit-etc.sh to z-commit-etc.sh if present
   command: "mv /etc/letsencrypt/renewal-hooks/deploy/commit-etc.sh /etc/letsencrypt/renewal-hooks/deploy/z-commit-etc.sh"
   args: