mirror of
https://github.com/MatteZ02/infra.git
synced 2024-11-22 10:40:18 +00:00
Update
This commit is contained in:
parent
32cfff9039
commit
3b441c6fcb
@ -22,6 +22,11 @@ server {
|
||||
return 301 https://$host$request_uri/;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
if ($request_method !~ ^(GET|HEAD|POST)$ )
|
||||
{
|
||||
return 405;
|
||||
@ -30,11 +35,13 @@ server {
|
||||
|
||||
server {
|
||||
|
||||
listen 443 ssl http2 default_server;
|
||||
listen [::]:443 ssl http2 default_server;
|
||||
listen 443 ssl default_server;
|
||||
listen [::]:443 ssl default_server;
|
||||
|
||||
server_name _;
|
||||
|
||||
http2 on;
|
||||
|
||||
ssl_certificate /etc/nginx/certs/mpp/fullchain.pem;
|
||||
ssl_certificate_key /etc/nginx/certs/mpp/privkey.pem;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
|
@ -107,18 +107,18 @@
|
||||
tags:
|
||||
- certbot
|
||||
|
||||
# - name: "Install - Certbot - Create Certificates"
|
||||
# command: "certbot certonly --cert-name {{ cert.name }} --manual --preferred-challenges dns-01 --email {{ cert.email }} --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -n --manual-auth-hook /etc/letsencrypt/renewal-hooks/pre/acme-dns-auth.py --debug-challenges --preferred-chain='ISRG Root X1' --key-type rsa -d {{ cert.domains | join(' -d ') }}"
|
||||
# register: task
|
||||
# changed_when: task.stdout.find("Certificate not yet due for renewal; no action taken.") == -1
|
||||
# vars:
|
||||
# cert:
|
||||
# name: mpp
|
||||
# email: matias.martikainen@metropolia.fi
|
||||
# domains:
|
||||
# - "{{ ansible_facts.fqdn }}"
|
||||
# tags:
|
||||
# - certbot
|
||||
- name: "Install - Certbot - Create Certificates"
|
||||
command: "certbot certonly --cert-name {{ cert.name }} --manual --preferred-challenges http-01 --email {{ cert.email }} --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -n --debug-challenges --preferred-chain='ISRG Root X1' --key-type rsa -d {{ cert.domains | join(' -d ') }}"
|
||||
register: task
|
||||
changed_when: task.stdout.find("Certificate not yet due for renewal; no action taken.") == -1
|
||||
vars:
|
||||
cert:
|
||||
name: mpp
|
||||
email: matias.martikainen@metropolia.fi
|
||||
domains:
|
||||
- "{{ ansible_facts.fqdn }}"
|
||||
tags:
|
||||
- certbot
|
||||
|
||||
- name: "Install - MariaDB - Dependencies / Python Library : pymysql"
|
||||
pip:
|
||||
|
Loading…
Reference in New Issue
Block a user