From 6712574bd68b65fa1e100f1f1dd74a7ba9cb543d Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Thu, 28 Nov 2024 17:51:44 +0100
Subject: [PATCH] Fix the path of the letsencrypt certificates.

---
 defaults/main.yml                           | 4 ++--
 templates/postgresql-letsencrypt-acme.sh.j2 | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/defaults/main.yml b/defaults/main.yml
index 28302c5..36ad70d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -125,9 +125,9 @@ psql_streaming_replication_config:
 psql_enable_ssl: false
 psql_force_ssl_client_connection: false
 postgresql_letsencrypt_managed: '{% if letsencrypt_acme_install is defined and letsencrypt_acme_install %}true{% else %}false{% endif %}'
-psql_ssl_privkey_global_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{{ ansible_fqdn }}/privkey{% else %}{{ pki_dir }}/keys/{{ ansible_fqdn}}-key.pem{% endif %}'
+psql_ssl_privkey_global_file: '{% if postgresql_letsencrypt_managed %}{{ letsencrypt_acme_sh_certificates_install_path }}/privkey{% else %}{{ pki_dir }}/keys/{{ ansible_fqdn}}-key.pem{% endif %}'
 psql_ssl_privkey_file: /etc/pki/postgresql/postgresql.key
-psql_ssl_cert_file: '{% if postgresql_letsencrypt_managed %}/var/lib/acme/live/{{ ansible_fqdn }}/fullchain{% else %}{{ pki_dir }}/certs/{{ ansible_fqdn}}.pem{% endif %}'
+psql_ssl_cert_file: '{% if postgresql_letsencrypt_managed %}{{ letsencrypt_acme_sh_certificates_install_path }}/fullchain{% else %}{{ pki_dir }}/certs/{{ ansible_fqdn}}.pem{% endif %}'
 # In CentOS/RHEL is /etc/pki/tls/cert.pem
 psql_ssl_ca_file: '/etc/ssl/certs/ca-certificates.crt'
 psql_conf_ssl_parameters: 
diff --git a/templates/postgresql-letsencrypt-acme.sh.j2 b/templates/postgresql-letsencrypt-acme.sh.j2
index 9a2723e..f544354 100644
--- a/templates/postgresql-letsencrypt-acme.sh.j2
+++ b/templates/postgresql-letsencrypt-acme.sh.j2
@@ -2,7 +2,7 @@
 
 H_NAME=$( hostname -f )
 LE_SERVICES_SCRIPT_DIR=/usr/lib/acme/hooks
-LE_CERTS_DIR=/var/lib/acme/live/$H_NAME
+LE_CERTS_DIR={{ letsencrypt_acme_sh_certificates_install_path }}
 LE_LOG_DIR=/var/log/letsencrypt
 POSTGRESQL_CERTDIR=/etc/pki/postgresql
 POSTGRESQL_KEYFILE=$POSTGRESQL_CERTDIR/postgresql.key