Make TLS cert name configurable

deploy_agent_svc_plus.yml

@@ -31,6 +31,9 @@
     agent_id: >-
       {{ lookup('ansible.builtin.env', 'AGENT_ID')
          | default('node-xhttp.svc.plus', true) }}
+    agent_tls_cert_name: >-
+      {{ lookup('ansible.builtin.env', 'AGENT_TLS_CERT_NAME')
+         | default(agent_id, true) }}
     agent_controller_url: >-
       {{ lookup('ansible.builtin.env', 'AGENT_CONTROLLER_URL')
          | default('https://accounts.svc.plus', true) }}

roles/vhosts/agent-svc-plus/defaults/main.yml

@@ -32,6 +32,7 @@ agent_svc_plus_config_path: "{{ agent_svc_plus_config_dir }}/{{ agent_svc_plus_c
 agent_svc_plus_data_dir: "/var/lib/agent-svc-plus"
 
 agent_id: "node-xhttp.svc.plus"
+agent_tls_cert_name: "{{ agent_id }}"
 agent_controller_url: "https://accounts.svc.plus"
 agent_api_token: ""
 agent_http_timeout: "15s"

roles/vhosts/agent-svc-plus/templates/xray.tcp.template.json.j2

@@ -48,8 +48,8 @@
                     "certificates": [
                         {
                             "ocspStapling": 3600,
-                            "certificateFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_id }}/{{ agent_id }}.crt",
+                            "certificateFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.crt",
-                            "keyFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_id }}/{{ agent_id }}.key"
+                            "keyFile": "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/{{ agent_tls_cert_name }}/{{ agent_tls_cert_name }}.key"
                         }
                     ]
                 }