bitlair/ansible
6
0
Fork 1
Code Issues Pull requests Activity Actions

nginx: Re-introduce bootstrap_certs

Browse source
This commit is contained in:
polyfloyd 2025-04-12 19:18:38 +02:00
parent b680bf6902
commit 75795f0238
5 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

7
roles/nginx/tasks/main.yaml
View file

@ -7,6 +7,13 @@
when:
- nginx_sites is defined
- name: Install bootstrap cert
ansible.builtin.apt:
name: "ssl-cert"
state: present
when:
- nginx_bootstrap_certs is defined and nginx_bootstrap_certs
- name: Create sites-available / sites-enabled directories
ansible.builtin.file:
state: directory

4
roles/nginx/templates/site.conf.j2
View file

@ -11,8 +11,12 @@ server {
server_name {{ site.server_name | default(inventory_hostname) }}{% if site.server_alias is defined %} {{ site.server_alias }}{% endif %};
include /etc/nginx/tls_params;
{% if nginx_bootstrap_certs | default(false) %}
include "snippets/snakeoil.conf";
{% else %}
ssl_certificate /var/lib/dehydrated/certs/{{ site.server_name }}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/{{ site.server_name }}/privkey.pem;
{% endif %}
index {{ nginx_index | default('index.php index.html index.htm') }};
client_max_body_size {{ nginx_client_max_body_size }};