mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2024-09-22 21:00:40 +02:00
2d152700b6
It should make it easier to change how the certificates is issued. Ex: If we want to switch to ECDSA certificates in the future or replace certbot with something else.
17 lines
503 B
YAML
17 lines
503 B
YAML
---
|
|
- name: create ssl cert
|
|
include_role:
|
|
name: certificate
|
|
vars:
|
|
domains: "{{ ['mta-sts.'] | product(item.domains) | map('join') }}"
|
|
loop: "{{ mta_sts }}"
|
|
|
|
- name: make nginx log dir
|
|
file: path=/var/log/nginx/{{ "mta-sts." + item.domains | first }} state=directory owner=root group=root mode=0755
|
|
loop: "{{ mta_sts }}"
|
|
|
|
- name: set up nginx
|
|
template: src=nginx.d.conf.j2 dest="/etc/nginx/nginx.d/mta-sts.conf" owner=root group=root mode=644
|
|
notify: reload nginx
|
|
tags: ['nginx']
|