Allow choice in TLS Certificate from mod_md

README.md

@@ -11,7 +11,9 @@ Any pre-requisites that may not be covered by Ansible itself or the role should
 Role Variables
 --------------
 
-A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+| variable | default | description |
+|-|-|-|
+| mariadb_vhost | inventory_hostname | What mod_md certificate should be used for MariaDB |
 
 Dependencies
 ------------

defaults/main.yml

@@ -1,2 +1,3 @@
 ---
 # defaults file for ensure_mariadb
+mariadb_vhost: '{{ inventory_hostname }}'

templates/Fedora/34/usr/lib/systemd/system/mariadb-copytls.service

@@ -4,7 +4,7 @@ Description=Copy TLS Certificates for Mariadb
 [Service]
 Type=oneshot
 ExecStartPre=mkdir -p /etc/my.cnf.d/certificates
-ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/*/*.pem /etc/my.cnf.d/certificates/'
+ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/{{ mariadb_vhost }}/*.pem /etc/my.cnf.d/certificates/'
 ExecStartPost=chown -R mysql:mysql /etc/my.cnf.d/certificates
 
 [Install]

templates/Fedora/35/usr/lib/systemd/system/mariadb-copytls.service

@@ -4,7 +4,7 @@ Description=Copy TLS Certificates for Mariadb
 [Service]
 Type=oneshot
 ExecStartPre=mkdir -p /etc/my.cnf.d/certificates
-ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/*/*.pem /etc/my.cnf.d/certificates/'
+ExecStart=/bin/bash -lc 'cp /etc/httpd/md/domains/{{ mariadb_vhost }}/*.pem /etc/my.cnf.d/certificates/'
 ExecStartPost=chown -R mysql:mysql /etc/my.cnf.d/certificates
 
 [Install]