From d09a7528fb463160e21e17d7169e0f9773675668 Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Sat, 5 Jul 2025 23:25:30 +0100
Subject: Manage certificates on localhost

I used to have a dedicated server for cert renewals; now I just run it
from my laptop, with an increased cron frequency. This is simpler,
especially when there is a powercut, and I'll certainly use my laptop
every 30 days.
---
 playbook.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'playbook.yaml')

diff --git a/playbook.yaml b/playbook.yaml
index ac4b2c1..467b1fa 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -59,7 +59,7 @@
        -binary | hexdump -ve '/1 "%02x"'
      register: dane_hash
      changed_when: false
-     delegate_to: "{{ cert_host }}"
+     delegate_to: localhost
 
    # We allow status code 400 here as this is returned by deSEC if the domain
    # already exists. Ideally, we should filter out genuinely good/bad requests
-- 
cgit v1.2.3