This commit is contained in:
Christer Warén 2024-04-18 17:24:24 +03:00
parent 32cfff9039
commit 3b441c6fcb
2 changed files with 21 additions and 14 deletions

View File

@ -22,6 +22,11 @@ server {
return 301 https://$host$request_uri/;
}
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
index index.html index.htm;
}
if ($request_method !~ ^(GET|HEAD|POST)$ )
{
return 405;
@ -30,11 +35,13 @@ server {
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name _;
http2 on;
ssl_certificate /etc/nginx/certs/mpp/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/mpp/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;

View File

@ -107,18 +107,18 @@
tags:
- certbot
# - name: "Install - Certbot - Create Certificates"
# command: "certbot certonly --cert-name {{ cert.name }} --manual --preferred-challenges dns-01 --email {{ cert.email }} --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -n --manual-auth-hook /etc/letsencrypt/renewal-hooks/pre/acme-dns-auth.py --debug-challenges --preferred-chain='ISRG Root X1' --key-type rsa -d {{ cert.domains | join(' -d ') }}"
# register: task
# changed_when: task.stdout.find("Certificate not yet due for renewal; no action taken.") == -1
# vars:
# cert:
# name: mpp
# email: matias.martikainen@metropolia.fi
# domains:
# - "{{ ansible_facts.fqdn }}"
# tags:
# - certbot
- name: "Install - Certbot - Create Certificates"
command: "certbot certonly --cert-name {{ cert.name }} --manual --preferred-challenges http-01 --email {{ cert.email }} --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -n --debug-challenges --preferred-chain='ISRG Root X1' --key-type rsa -d {{ cert.domains | join(' -d ') }}"
register: task
changed_when: task.stdout.find("Certificate not yet due for renewal; no action taken.") == -1
vars:
cert:
name: mpp
email: matias.martikainen@metropolia.fi
domains:
- "{{ ansible_facts.fqdn }}"
tags:
- certbot
- name: "Install - MariaDB - Dependencies / Python Library : pymysql"
pip: