Fix typo and bug with non letsencrypt certificate

2024-03-30 13:45:28 +01:00 · 2024-03-30 13:45:28 +01:00 · 5db4e2664e
parent 067abe425b
commit 5db4e2664e
3 changed files with 4 additions and 2 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -25,3 +25,4 @@ listen_ipv4:

 listen_ipv6:
  - "::"
+
--- a/tasks/configure-vhost.yml
+++ b/tasks/configure-vhost.yml
@ -59,6 +59,7 @@
  shell: "certbot certonly --non-interactive  --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt {% for domain in item.server_name %} -d {{ domain }} {% endfor %} --expand --rsa-key-size 4096;"
  when: 
    - item.ssl 
+    - item.letsencrypt 

 - name: "Create certificate"
  shell: "certbot certonly --non-interactive  --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt {% for domain in item.server_name %} -d {{ domain }} {% endfor %} --expand --rsa-key-size 4096;"
--- a/templates/vhosts/partials/ssl.j2
+++ b/templates/vhosts/partials/ssl.j2
@ -13,10 +13,10 @@ ssl_certificate_key {{ item.ssl_certificate_key }};
 {% endif %}

 include /etc/nginx/conf.d/ssl.conf;
-{% if item.disable_ocsp is defined and item.disable_ocsp is True %}
+{% if item.disable_ocsp is defined and item.disable_ocsp == True %}
 include /etc/nginx/conf.d/ocsp.conf;
 {% endif %}
-{% if item.disable_hsts is defined and item.disable_hsts is True %}
+{% if item.disable_hsts is defined and item.disable_hsts == True %}
 include /etc/nginx/conf.d/hsts.conf;
 {% endif %}