Update domains and certificates

ansible/provision.yml

@@ -7,37 +7,35 @@
 
   vars:
     certbot_create_if_missing: yes
-    certbot_admin_email: opdavies+https@gmail.com
+    certbot_admin_email: 'opdavies+https@gmail.com'
     certbot_certs:
-      - email: '{{ certbot_admin_email }}'
+      - domains:
-        domains:
+          - oliverdavies.co.uk
-          - oliverdavi.es
+          - www.oliverdavies.co.uk
-          - www.oliverdavi.es
       - domains:
           - oliverdavies.uk
           - www.oliverdavies.uk
+      - domains:
+          - oliverdavi.es
+          - www.oliverdavi.es
+
     nginx_vhosts:
       - listen: 80
-        server_name: 'oliverdavi.es www.oliverdavi.es'
+        server_name: _
-        return: 301 https://{{ server_name }}$request_uri
-        filename: oliverdavi.es.80.conf
-
-      - listen: 80
-        server_name: 'oliverdavies.uk www.oliverdavies.uk'
         return: 301 https://{{ server_name }}$request_uri
         filename: oliverdavies.uk.80.conf
 
       - listen: 443 ssl
-        server_name: 'oliverdavies.uk www.oliverdavies.uk'
+        server_name: oliverdavies.co.uk www.oliverdavies.co.uk
         extra_parameters: |
-          ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
+          ssl_certificate /etc/letsencrypt/live/oliverdavies.co.uk/fullchain.pem;
-          ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem;
+          ssl_certificate_key /etc/letsencrypt/live/oliverdavies.co.uk/privkey.pem;
-          ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
+          ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.co.uk/fullchain.pem;
         return: 301 https://{{ server_name }}$request_uri
-        filename: oliverdavies.uk.443.conf
+        filename: oliverdavies.co.uk.443.conf
 
       - listen: 443 ssl
-        server_name: oliverdavi.es
+        server_name: oliverdavi.es www.oliverdavi.es
         extra_parameters: |
           ssl_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem;
           ssl_certificate_key /etc/letsencrypt/live/oliverdavi.es/privkey.pem;
@@ -45,6 +43,15 @@
         return: 301 https://{{ server_name }}$request_uri
         filename: oliverdavi.es.443.conf
 
+      - listen: 443 ssl
+        server_name: oliverdavies.uk
+        extra_parameters: |
+          ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
+          ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem;
+          ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
+        return: 301 https://{{ server_name }}$request_uri
+        filename: oliverdavies.uk.443.conf
+
       - listen: 443 ssl
         server_name: '{{ server_name }}'
         root: '/srv/{{ server_name }}/{{ ansistrano_current_dir }}/output_prod'
@@ -52,9 +59,9 @@
         nginx_access_log: '/var/log/nginx/{{ server_name }}_access.log warn'
         error_page: 404 /404.html
         extra_parameters: |
-          ssl_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem;
+          ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
-          ssl_certificate_key /etc/letsencrypt/live/oliverdavi.es/privkey.pem;
+          ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem;
-          ssl_trusted_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem;
+          ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem;
 
           rewrite ^/(services|work)/?$ /experience permanent;
           rewrite ^/about/?$ / permanent;
@@ -202,7 +209,7 @@
           rewrite ^/terms-and-conditions/?$ /terms permanent;
           rewrite ^/twitter/?$ https://twitter.com/opdavies permanent;
           rewrite ^/youtube/?$ https://www.youtube.com/channel/UC5QoKapQ4bXOVMvN_ng_TYw permanent;
-        filename: www.oliverdavi.es.443.conf
+        filename: www.oliverdavies.uk.443.conf
 
   roles:
     - name: geerlingguy.certbot