pagure: Fix stunnel config so it validates for ssl by using the intermediate cert with a bundle.
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
parent
990f66391b
commit
92c3e16b55
2 changed files with 22 additions and 1 deletions
|
@ -153,6 +153,22 @@
|
|||
- stunnel
|
||||
- config
|
||||
|
||||
- name: make a bundle file of the cert and intermediate for stunnel
|
||||
shell: cat /etc/pki/tls/certs/pagure.io.cert /etc/pki/tls/certs/pagure.io.intermediate.cert > /etc/pki/tls/certs/pagure.io.bundle.cert creates=/etc/pki/tls/certs/pagure.io.bundle.cert
|
||||
tags:
|
||||
- pagure
|
||||
- stunnel
|
||||
- config
|
||||
when: env != 'pagure-staging'
|
||||
|
||||
- name: make a bundle file of the cert and intermediate for stunnel (stg)
|
||||
shell: cat /etc/pki/tls/certs/stg.pagure.io.cert /etc/pki/tls/certs/stg.pagure.io.intermediate.cert > /etc/pki/tls/certs/stg.pagure.io.bundle.cert creates=/etc/pki/tls/certs/stg.pagure.io.bundle.cert
|
||||
tags:
|
||||
- pagure
|
||||
- stunnel
|
||||
- config
|
||||
when: env == 'pagure-staging'
|
||||
|
||||
- name: install stunnel.conf
|
||||
template: src={{ item.file }}
|
||||
dest={{ item.dest }}
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
cert = /etc/pki/tls/certs/pagure.io.cert
|
||||
{% if env == 'pagure-staging' %}
|
||||
cert = /etc/pki/tls/certs/stg.pagure.io.bundle.cert
|
||||
key = /etc/pki/tls/certs/pagure.io.key
|
||||
{% else %}
|
||||
cert = /etc/pki/tls/certs/pagure.io.bundle.cert
|
||||
key = /etc/pki/tls/certs/pagure.io.key
|
||||
{% endif %}
|
||||
pid = /var/run/stunnel.pid
|
||||
|
||||
[{{ stunnel_service }}]
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue