From c892543dc36dfde18564664ee6a168a248f18a2e Mon Sep 17 00:00:00 2001
From: Jakub Kadlčík <frostyx@email.cz>
Date: Aug 24 2018 10:00:19 +0000
Subject: Use copr_frontend_public_hostname instead of inventory_hostname


Because inventory_hostname is set to copr-fe.cloud.fedoraproject.org
on frontend production instance. However, we want a variable that
is evaluated to copr.fedorainfracloud.org

---

diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml
index 558f07a..9a08f8b 100644
--- a/roles/copr/frontend/tasks/main.yml
+++ b/roles/copr/frontend/tasks/main.yml
@@ -109,7 +109,7 @@
 
 - name: Check that cert file exists
   stat:
-    path: "/etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem"
+    path: "/etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem"
   register: stat_cert
 
 - name: Should admin run certbot?
diff --git a/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2 b/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2
index 601d397..f440be8 100644
--- a/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2
+++ b/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2
@@ -14,12 +14,12 @@ Listen 443 https
     SSLCertificateKeyFile /etc/pki/tls/private/copr.fedorainfracloud.org.key
     SSLCertificateChainFile /etc/pki/tls/certs/copr.fedorainfracloud.org.intermediate.crt
     {% else %}
-    SSLCertificateFile    /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem
-    SSLCertificateKeyFile  /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem
-    SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
+    SSLCertificateFile    /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem
+    SSLCertificateKeyFile  /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/privkey.pem
+    SSLCertificateChainFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/fullchain.pem
     {% endif %}
 
-    ServerName {{ inventory_hostname }}
+    ServerName {{ copr_frontend_public_hostname }}
 
     WSGIPassAuthorization On
     WSGIScriptAlias / /usr/share/copr/coprs_frontend/application
@@ -68,14 +68,14 @@ Listen 443 https
     SSLCertificateKeyFile /etc/pki/tls/private/copr.fedorainfracloud.org.key
     SSLCertificateChainFile /etc/pki/tls/certs/copr.fedorainfracloud.org.intermediate.crt
     {% else %}
-    SSLCertificateFile    /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem
-    SSLCertificateKeyFile  /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem
-    SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem
+    SSLCertificateFile    /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem
+    SSLCertificateKeyFile  /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/privkey.pem
+    SSLCertificateChainFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/fullchain.pem
     {% endif %}
 
-    ServerAlias {{ inventory_hostname }}
+    ServerAlias {{ copr_frontend_public_hostname }}
 
-    Redirect 302 / https://{{ inventory_hostname }}/
+    Redirect 302 / https://{{ copr_frontend_public_hostname }}/
 </VirtualHost>