From 7e4177451e482a696e2d7364dcf0d8dbad50754d Mon Sep 17 00:00:00 2001
From: Alexander Dahl <alex@netz39.de>
Date: Fri, 28 Mar 2025 06:38:16 +0100
Subject: [PATCH] roles: apache_letsencrypt: Rename variable for challenge dir

The previous variable name is the same as in the role
24367dfa.dehydrated but had a different meaning here.  While in the
dehydrated role it means the directory where the working copy of the
dehydrated git repo is cloned to, in here it meant the directory for the
challenges which is known as "wellknown" dir in the dehydrated project
and role.  Setting this variable before using both roles would most
certainly lead to unexpected results?!

The whole playbook does not set `dehydrated_location` so it goes with
its defaults in both roles currently, probably.

Consistent with the role setup_http_site_proxy now, which configures the
path in the reverse proxy, while this configures the same path in the
actual webserver behind the proxy.

Running the playbooks using both roles yields no change in target
configuration after this changeset.

Link: https://github.com/24367dfa/ansible-role-dehydrated/blob/main/defaults/main.yml
Fixes: 1fe65268987e (":sparkles: Add a role to allow letsencrypt access in Apache2")
---
 roles/apache_letsencrypt/defaults/main.yml                     | 3 ++-
 .../apache_letsencrypt/templates/letsencrypt-directory.conf.j2 | 2 +-
 roles/setup_http_site_proxy/defaults/main.yml                  | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/apache_letsencrypt/defaults/main.yml b/roles/apache_letsencrypt/defaults/main.yml
index 6967d14..2bee48b 100644
--- a/roles/apache_letsencrypt/defaults/main.yml
+++ b/roles/apache_letsencrypt/defaults/main.yml
@@ -1,3 +1,4 @@
 # Defaults for role apache_letsencrypt
 ---
-dehydrated_location: "/usr/local/etc/dehydrated"
+# These match https://github.com/24367dfa/ansible-role-dehydrated
+dehydrated_wellknown_dir: "{{ dehydrated_config_dir }}/challenge"
diff --git a/roles/apache_letsencrypt/templates/letsencrypt-directory.conf.j2 b/roles/apache_letsencrypt/templates/letsencrypt-directory.conf.j2
index a514c34..c52af9e 100644
--- a/roles/apache_letsencrypt/templates/letsencrypt-directory.conf.j2
+++ b/roles/apache_letsencrypt/templates/letsencrypt-directory.conf.j2
@@ -1,3 +1,3 @@
-<Directory {{ dehydrated_location }}/challenge>
+<Directory {{ dehydrated_wellknown_dir }}>
         Require all granted
 </Directory>
diff --git a/roles/setup_http_site_proxy/defaults/main.yml b/roles/setup_http_site_proxy/defaults/main.yml
index e6171ff..dca3596 100644
--- a/roles/setup_http_site_proxy/defaults/main.yml
+++ b/roles/setup_http_site_proxy/defaults/main.yml
@@ -1,4 +1,4 @@
-# Defaults for setup-http-dehydrated
+# Defaults for role setup_http_site_proxy
 ---
 # These match https://github.com/24367dfa/ansible-role-dehydrated
 dehydrated_config_dir: "/usr/local/etc/dehydrated"