From ac0289d88e212e6ba0e21b4a7bb135047047576b Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Sat, 27 Jul 2024 10:24:46 +0100
Subject: Do not manage CAA records in the playbook

These vary significantly from deployment to deployment, and running this
playbook previously caused issues on fennell.dev deployments, where I need to
be able to deploy certificates by other means.
---
 playbook.yaml | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/playbook.yaml b/playbook.yaml
index 64c0243..96d7119 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -170,14 +170,6 @@
          type: TLSA
          ttl: 3600
          records: ["3 1 1 {{ dane_hash.stdout }}"]
-       - subname: ""
-         type: CAA
-         ttl: 3600
-         records:
-          - "0 issue \"letsencrypt.org;validationmethods=dns-01;accounturi=\
-            {{ acme_account_uri_prod }}\""
-          - "0 issue \"letsencrypt.org;validationmethods=dns-01;accounturi=\
-            {{ acme_account_uri_nonprod }}\""
      delegate_to: localhost
 
    - name: Ensure anonymous records are added to subdomain, if needed
-- 
cgit v1.2.3