ivo/sce
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Make cert location configurable for nginx site

Browse source 
This is slight hack that I want to fix in the future. It is motivated by
the fact that the certbot certificate is valid for all domains that are
requested, instead of a certificate-per-domain.
This commit is contained in:
Ivo C.S. Wingelaar 2024-10-20 11:16:08 +02:00
parent f9d480335f
commit 272d0aa82b
Signed by: ivo
GPG key ID: ABBED434F58D0AA3
2 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
roles/nginx/tasks/main.yml
View file

@ -30,6 +30,7 @@
vars: vars:
site_name: "{{ item['name'] }}" site_name: "{{ item['name'] }}"
site_port: "{{ item['port'] }}" site_port: "{{ item['port'] }}"
site_cert: "{{ item['cert'] }}"
- name: Disable default nginx site - name: Disable default nginx site
ansible.builtin.file: ansible.builtin.file:

4
roles/nginx/templates/nginx-server.j2
View file

@ -5,8 +5,8 @@ server {
server_name {{ site_name }}; server_name {{ site_name }};
ssl_certificate {{ nginx_certificate_path }}/{{ site_name }}/fullchain.pem; ssl_certificate {{ nginx_certificate_path }}/{{ site_cert }}/fullchain.pem;
ssl_certificate_key {{ nginx_certificate_path }}/{{ site_name }}/privkey.pem; ssl_certificate_key {{ nginx_certificate_path }}/{{ site_cert }}/privkey.pem;
{% if auth %} {% if auth %}
auth_basic "SCE"; auth_basic "SCE";