Changeset 47aa50ab in darkpeak-services


Ignore:
Timestamp:
Jul 21, 2018, 5:05:32 PM (19 months ago)
Author:
Mat Booth <mat.booth@…>
Branches:
ansible, keycloak, master, matrix, pleroma
Children:
f4606d4a
Parents:
e6ae53c9
Message:

Install the TLS cert key, too

Location:
roles
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • roles/apache2/templates/apache.vhost.conf.j2

    re6ae53c9 r47aa50ab  
    3838{% if service_name == 'default' %}
    3939                SSLCertificateFile /etc/ssl/private/{{ domain_name }}.pem
    40                 #SSLCertificateKeyFile /etc/ssl/private/{{ domain_name }}.key
     40                SSLCertificateKeyFile /etc/ssl/private/{{ domain_name }}.key
    4141{% else %}
    4242                SSLCertificateFile /etc/ssl/private/{{ domain }}.pem
    43                 #SSLCertificateKeyFile /etc/ssl/private/{{ domain }}.key
     43                SSLCertificateKeyFile /etc/ssl/private/{{ domain }}.key
    4444{% endif %}
    4545
  • roles/tls/tasks/configure-tls-cert.yml

    re6ae53c9 r47aa50ab  
    5959  when: not tls_cert.stat.exists
    6060
     61- name: Install self-signed TLS certificate key
     62  copy:
     63    src: "../../tls/files/ssl/{{ domain_name }}.key"
     64    dest: "/etc/letsencrypt/live/{{ domain_name if service_name == 'default' else domain }}/privkey.pem"
     65    owner: root
     66    group: ssl-cert
     67    mode: 0640
     68  when: not tls_cert.stat.exists
     69
    6170- name: Install symlink to TLS certificate
    6271  file:
     
    6776    state: link
    6877    force: yes
     78
     79- name: Install symlink to TLS certificate key
     80  file:
     81    src: "/etc/letsencrypt/live/{{ domain_name if service_name == 'default' else domain }}/privkey.pem"
     82    dest: "/etc/ssl/private/{{ domain_name if service_name == 'default' else domain }}.key"
     83    owner: root
     84    group: ssl-cert
     85    state: link
     86    force: yes
Note: See TracChangeset for help on using the changeset viewer.