Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

and we have a ssl-conf file

Browse source
This commit is contained in:
Stephen Smoogen 2017-06-22 23:42:13 +00:00
parent 5d28f51f55
commit 41407ad951
2 changed files with 24 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
roles/nagios_server/tasks/main.yml
View file

@ -53,6 +53,13 @@
tags: tags:
- nagios_server - nagios_server
- name: Install the SSL apache module
yum: name={{ item }} state=present
with_items:
- mod_ssl
when: env == "production" and nagios_location == "external"
## Copy over the httpd SSL certs for external ## Copy over the httpd SSL certs for external
- name: Install the SSL cert so that we can use https - name: Install the SSL cert so that we can use https
copy: > copy: >

17
roles/nagios_server/templates/httpd/0_nagios-external.conf Normal file
View file

@ -0,0 +1,17 @@
<VirtualHost *:80>
ServerName nagios-external.fedoraproject.org
Redirect permanent / https://nagios-external.fedoraproject.org/
</VirtualHost>
<VirtualHost *:443>
ServerName nagios-external.fedoraproject.org:443
SSLEngine on
SSLProtocol {{ ssl_protocols }}
SSLCipherSuite {{ ssl_ciphers }}
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
SSLCertificateFile /etc/pki/tls/certs/noc02.fedoraproject.org.cert
SSLCertificateChainFile /etc/pki/tls/certs/noc02.fedoraproject.org.intermediate.cert
SSLCertificateKeyFile /etc/pki/tls/certs/noc02.fedoraproject.org.key
</VirtualHost>