From 017f5d91edff7e5769c651f5a02c003d3409b878 Mon Sep 17 00:00:00 2001
From: Michael Rennecke <michael.rennecke@gmail.com>
Date: Sat, 8 Jun 2019 20:49:31 +0200
Subject: [PATCH] change rsa key size

---
 hosts.yaml                                  | 2 ++
 roles/haproxy/files/update_haproxy_certs.sh | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/hosts.yaml b/hosts.yaml
index 90943ae..694289f 100644
--- a/hosts.yaml
+++ b/hosts.yaml
@@ -7,6 +7,8 @@ all:
   vars:
     ansible_become: false
   
+    certbotdomains:
+      - "jabber.0rpheus.net"
 
     haproxy_domains:
       # <Domain>: <Backend>
diff --git a/roles/haproxy/files/update_haproxy_certs.sh b/roles/haproxy/files/update_haproxy_certs.sh
index ae4e2be..736ffb0 100755
--- a/roles/haproxy/files/update_haproxy_certs.sh
+++ b/roles/haproxy/files/update_haproxy_certs.sh
@@ -13,12 +13,13 @@ do
           --agree-tos                        \
           --email micha@0rpheus.net          \
           --preferred-challenges=http        \
+          --rsa-key-size 4096                \
           --http-01-port=8888
     fi
 done < /etc/haproxy/domains.txt
 
 # renew all certificates
-certbot renew --http-01-port=8888 --preferred-challenges=http
+certbot renew --http-01-port=8888 --preferred-challenges=http --rsa-key-size 4096
 
 # copy certificates
 find /etc/letsencrypt/live/ -mindepth 1 -maxdepth 1 -type d | while read -r domain_path