misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[res]

Browse source
This commit is contained in:
Christian Fraß 2023-12-17 00:14:45 +01:00
parent 10a2e47a3f
commit 990cf65053
4 changed files with 20 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ansible/roles/element-and-nginx/templates/conf.j2
View file

@ -6,7 +6,7 @@ server {
server_name {{var_element_and_nginx_domain}};
ssl_certificate /etc/ssl/certs/{{var_element_and_nginx_domain}}.pem;
ssl_certificate /etc/ssl/fullchains/{{var_element_and_nginx_domain}}.pem;
ssl_certificate_key /etc/ssl/private/{{var_element_and_nginx_domain}}.pem;
root {{var_element_and_nginx_path}};

2
ansible/roles/synapse-and-nginx/templates/conf.j2
View file

@ -10,7 +10,7 @@ server {
server_name {{var_synapse_and_nginx_domain}};
ssl_certificate /etc/ssl/certs/{{var_synapse_and_nginx_domain}}.pem;
ssl_certificate /etc/ssl/fullchains/{{var_synapse_and_nginx_domain}}.pem;
ssl_certificate_key /etc/ssl/private/{{var_synapse_and_nginx_domain}}.pem;
location ~ ^(/_matrix|/_synapse/client) {

1
ansible/roles/tlscert_existing/defaults/main.json
View file

@ -1,6 +1,7 @@
{
"var_tlscert_existing_key_path": "/tmp/key.pem",
"var_tlscert_existing_cert_path": "/tmp/cert.pem",
"var_tlscert_existing_fullchain_path": "/tmp/fullchain.pem",
"var_tlscert_existing_domain_base": "example.org",
"var_tlscert_existing_domain_path": "foo",
"var_tlscert_existing_ssl_directory": "/etc/ssl"

17
ansible/roles/tlscert_existing/tasks/main.json
View file

@ -28,5 +28,22 @@
"src": "{{var_tlscert_existing_cert_path}}",
"dest": "{{var_tlscert_existing_ssl_directory}}/certs/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
}
},
{
"name": "fullchain | insert",
"when": "var_tlscert_existing_fullchain_path != None",
"become": true,
"ansible.builtin.copy": {
"src": "{{var_tlscert_existing_fullchain_path}}",
"dest": "{{var_tlscert_existing_ssl_directory}}/fullchains/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
}
},
{
"name": "fullchain | compose",
"when": "var_tlscert_existing_fullchain_path == None",
"become": true,
"ansible.builtin.shell": {
"cmd": "cat {{var_tlscert_existing_ssl_directory}}/certs/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem > {{var_tlscert_existing_ssl_directory}}/fullchains/{{var_tlscert_existing_domain_path}}.{{var_tlscert_existing_domain_base}}.pem"
}
}
]