Merge branch 'master' of git.dryusdan.fr:Ansible/nginx
This commit is contained in:
commit
77d4bd01a5
|
@ -25,3 +25,4 @@ listen_ipv4:
|
|||
|
||||
listen_ipv6:
|
||||
- "::"
|
||||
|
||||
|
|
|
@ -59,12 +59,13 @@
|
|||
shell: "certbot certonly --non-interactive --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt {% for domain in item.server_name %} -d {{ domain }} {% endfor %} --expand --rsa-key-size 4096;"
|
||||
when:
|
||||
- item.ssl
|
||||
- item.letsencrypt is defined
|
||||
|
||||
- name: "Create certificate"
|
||||
shell: "certbot certonly --non-interactive --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt {% for domain in item.server_name %} -d {{ domain }} {% endfor %} --expand --rsa-key-size 4096;"
|
||||
when:
|
||||
- item.ssl
|
||||
- item.letsencrypt
|
||||
- item.letsencrypt is defined
|
||||
- item.state == "present" or item.state is not defined
|
||||
- vhost_changed.changed
|
||||
- item.letsencrypt_key is defined and item.letsencrypt_key == "rsa"
|
||||
|
@ -76,7 +77,7 @@
|
|||
shell: "certbot certonly --non-interactive --webroot --email {{ nginx_letsencrypt_email }} --agree-tos --webroot-path=/var/www/letsencrypt {% for domain in item.server_name %} -d {{ domain }} {% endfor %} --expand --key-type ecdsa --elliptic-curve secp384r1;"
|
||||
when:
|
||||
- item.ssl
|
||||
- item.letsencrypt
|
||||
- item.letsencrypt is defined
|
||||
- item.state == "present" or item.state is not defined
|
||||
- vhost_changed.changed
|
||||
- item.letsencrypt_key is not defined
|
||||
|
|
|
@ -13,7 +13,11 @@ ssl_certificate_key {{ item.ssl_certificate_key }};
|
|||
{% endif %}
|
||||
|
||||
include /etc/nginx/conf.d/ssl.conf;
|
||||
{% if item.disable_ocsp is defined and item.disable_ocsp == True %}
|
||||
include /etc/nginx/conf.d/ocsp.conf;
|
||||
{% endif %}
|
||||
{% if item.disable_hsts is defined and item.disable_hsts == True %}
|
||||
include /etc/nginx/conf.d/hsts.conf;
|
||||
{% endif %}
|
||||
|
||||
{% endif %}
|
||||
|
|
Loading…
Reference in New Issue