From 33a47eb4a908163cb5aa98d3876b8da5bad1607e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?=
Date: Sat, 13 Jan 2018 10:42:11 +0000
Subject: [PATCH] Fix Hubs SSL config for letsencrypt
---
 .../hosts/hubs-dev.fedorainfracloud.org.yml | 8 -------
 roles/hubs/tasks/webserver.yml | 22 +++++++++----------
 2 files changed, 11 insertions(+), 19 deletions(-)
diff --git a/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml b/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml
index 59a94a9342..6c2215e564 100644
--- a/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml
+++ b/playbooks/hosts/hubs-dev.fedorainfracloud.org.yml
@@ -76,11 +76,3 @@
 - hubs-triage@4
 - hubs-worker@3
 - hubs-worker@4
-
-- name: install python2-certbot-nginx
- dnf: name=python2-certbot-nginx state=present
-
-- name: get the letencrypt cert
- command: certbot certonly -n --nginx -d {{ ansible_fqdn }}
- args:
- creates: /etc/letsencrypt/live/{{ ansible_fqdn }}/privkey.pem
diff --git a/roles/hubs/tasks/webserver.yml b/roles/hubs/tasks/webserver.yml
index 3359739aa5..2ef0483419 100644
--- a/roles/hubs/tasks/webserver.yml
+++ b/roles/hubs/tasks/webserver.yml
@@ -8,17 +8,6 @@
 - libsemanage-python
-- name: Generate SSL certificate and key
- shell:
- echo -e "--\nSomeState\nSomeCity\nSomeOrganization\nSomeOrganizationalUnit\nlocalhost.localdomain\nroot@localhost.localdomain"
- | openssl req -utf8 -newkey rsa:2048
- -keyout /etc/pki/tls/private/localhost.key
- -nodes -x509 -days 365
- -out /etc/pki/tls/certs/localhost.crt
- args:
- creates: /etc/pki/tls/certs/localhost.crt
-
-
 - name: Gunicorn logging configuration
 copy:
 src: logging.ini
@@ -48,6 +37,17 @@
 - restart nginx
+- name: install python2-certbot-nginx
+ dnf: name=python2-certbot-nginx state=present
+
+- name: get the letencrypt cert
+ command: certbot certonly -n --nginx -d {{ ansible_fqdn }}
+ args:
+ creates: /etc/letsencrypt/live/{{ ansible_fqdn }}/privkey.pem
+ notify:
+ - restart nginx
+
+
 - name: Nginx proxy configuration
 copy:
 src: "{{ item }}"
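Review bot: The `creates:` guard on the `get the letencrypt cert` task means the certificate is requested once and never touched again, and nothing in this hunk schedules renewal, so the Let's Encrypt certificate will expire unless a `certbot renew` timer or cron job is enabled elsewhere in the role. The command also runs with `-n` but without `--agree-tos` and an account e-mail, which certbot needs to register non-interactively on a fresh host; consider `command: certbot certonly -n --agree-tos -m <admin address> --nginx -d {{ ansible_fqdn }}`. Because the task now runs before `Nginx proxy configuration` and the self-signed `localhost.crt` task is removed, it is worth confirming that nginx can start on a first run with whatever certificate paths the stock config references; those files are not visible here. Minor: the task name should read `letsencrypt`, and `dnf: name=python2-certbot-nginx state=present` would be clearer as a block mapping with `name:` and `state:` keys.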