make dmarc more aggressive, fix unresolved mail addresses

author: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-01-07 02:38:42 -0500
committer: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-01-07 02:38:42 -0500
commit: ce4c85dd6f99506128bb125e26728a7416660397 (patch)
tree: 33726f0873f2707b69cdbe0074f97a14dd2b7ae0 /roles/private/tasks
parent: ae64628958a10362aa7c65050ca8ff2546220c95 (diff)
download: oldinfra-ce4c85dd6f99506128bb125e26728a7416660397.tar.gz
oldinfra-ce4c85dd6f99506128bb125e26728a7416660397.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/roles/private/tasks/main.yml b/roles/private/tasks/main.yml
index 65f544b..dabebeb 100644
--- a/roles/private/tasks/main.yml
+++ b/roles/private/tasks/main.yml
@@ -87,7 +87,8 @@
 - name: add daily letsencrypt cronjob for cert renewal based on hash of domain name to prevent hitting LE rate limits
   cron:
     name: "letsencrypt_renewal_{{ item.stdout }}"
-    special_time: "daily"
+    minute: "0"
+    hour: "5,17"
     job: "REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/{{ step_bootstrap_ca_url }}.crt letsencrypt renew --server https://{{ step_bootstrap_ca_url }}:{{ step_ca_port }}/acme/ACME/directory --cert-name {{ item.stdout }} -n --webroot -w /var/www/letsencrypt --agree-tos --email {{ step_acme_cert_contact }} && service nginx reload"
   loop: "{{ extracted_domains.results }}"
   when: item.stdout != ""
author	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-01-07 02:38:42 -0500
committer	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-01-07 02:38:42 -0500
commit	ce4c85dd6f99506128bb125e26728a7416660397 (patch)
tree	33726f0873f2707b69cdbe0074f97a14dd2b7ae0 /roles/private/tasks
parent	ae64628958a10362aa7c65050ca8ff2546220c95 (diff)
download	oldinfra-ce4c85dd6f99506128bb125e26728a7416660397.tar.gz oldinfra-ce4c85dd6f99506128bb125e26728a7416660397.zip