Commit 685fdbdc authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Merge branch 'certificates' into 'master'

Add missing "create ssl cert" tasks

See merge request !369
parents 2136ced8 316b8517
Pipeline #7300 passed with stage
in 31 seconds
......@@ -23,6 +23,12 @@
user: name=archweb groups=uwsgi
when: archweb_site|bool
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ [archweb_domain] + archweb_alternate_domains }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest="{{ archweb_nginx_conf }}" owner=root group=root mode=644
notify: reload nginx
......
......@@ -120,6 +120,12 @@
become: true
become_user: "{{ aurweb_user }}"
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ aurweb_domain }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest={{ aurweb_nginx_conf }} owner=root group=root mode=644
notify: reload nginx
......
......@@ -26,6 +26,12 @@
notify:
- run sievec
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ mail_domain }}"]
- name: install dovecot cert renewal hook
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/dovecot owner=root group=root mode=0755
......
......@@ -25,6 +25,12 @@
user=fluxbb host=localhost password={{ fluxbb_db_password }}
priv='fluxbb.*:ALL'
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ fluxbb_domain }}"]
- name: create nginx log directory
file: path=/var/log/nginx/{{ fluxbb_domain }} state=directory owner=root group=root mode=0755
......
......@@ -19,6 +19,12 @@
- name: fix home permissions
file: state=directory owner="{{ flyspray_user }}" group="{{ flyspray_user }}" path="{{ flyspray_dir }}" mode=0755
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ flyspray_domain }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest="{{ flyspray_nginx_conf }}" owner=root group=root mode=644
notify:
......
......@@ -3,6 +3,12 @@
- name: install grafana
pacman: name=grafana state=present
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ grafana_domain }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/grafana.conf owner=root group=root mode=644
notify:
......
---
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ hedgedoc_domain }}"]
- name: install hedgedoc
pacman: name=hedgedoc state=present
......
......@@ -69,6 +69,12 @@
group: http
mode: 0640
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ keycloak_domain }}"]
- name: make nginx log dir
file: path="/var/log/nginx/{{ keycloak_domain }}" state=directory owner=root mode=0755
......
......@@ -21,6 +21,12 @@
- name: set patchwork groups
user: name=patchwork groups=uwsgi
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ patchwork_domain }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest="{{ patchwork_nginx_conf }}" owner=root group=root mode=644
notify:
......
......@@ -39,6 +39,13 @@
notify:
- reload postfix
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ mail_domain }}"]
when: postfix_smtpd_public
- name: install postfix cert renewal hook
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/postfix owner=root group=root mode=0755
when: postfix_smtpd_public
......
......@@ -33,6 +33,12 @@
Database: ''
creates: /var/lib/quassel/quasselcore.conf
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ quassel_domain }}"]
- name: install quassel cert renewal hook
template: src=letsencrypt.hook.d.j2 dest=/etc/letsencrypt/hook.d/quassel owner=root group=root mode=0755
......
......@@ -77,6 +77,12 @@
- name: restrict database permissions
file: mode=0640 owner=security group=security path="{{ security_tracker_dir }}/tracker.db"
- name: create ssl cert
include_role:
name: certificate
vars:
domains: ["{{ security_tracker_domain }}"]
- name: set up nginx
template: src=nginx.d.conf.j2 dest="{{ security_tracker_nginx_conf }}" owner=root group=root mode=644
notify:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment