Add certs and enable SSL

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>

roles/regcfp/files/regcfp.service

@@ -6,7 +6,7 @@ StandardError=syslog
 SyslogIdentifier=regcfp
 User=root
 Group=root
-WorkinDirectory=/srv/regcfp
+WorkingDirectory=/srv/regcfp
 Environment=NODE_ENV=production
 
 [Install]

roles/regcfp/tasks/main.yml

@@ -27,6 +27,21 @@
   notify:
   - restart regcfp
 
+- name: Copy over the ftf certs
+  copy: src="{{private}}/files/httpd/{{item}}"
+        dest=/etc/pki/tls/certs
+  with_items:
+  - flocktofedora.org.crt
+  - flocktofedora.org.intermediate.crt
+  notify:
+  - restart regcfp
+  
+- name: Copy over the ftf cert key
+  copy: src="{{private}}/files/httpd/flocktofedora.org.key"
+        dest=/etc/pki/tls/private
+  notify:
+  - restart regcfp
+
 - name: copy over the systemd file
   copy: src=regcfp.service dest=/etc/systemd/system/regcfp.service mode=0640
   notify:

roles/regcfp/templates/config.json

@@ -30,13 +30,14 @@
         "port": 80
       },
       "https": {
-        "enabled": false,
+        "enabled": true,
-        "only": true,
+        "only": false,
         "url": "https://register.flocktofedora.org",
         "listenip": "0.0.0.0",
         "port": 443,
-        "cert": "certificate.crt",
+        "cert": "/etc/pki/certs/flocktofedora.org.crt",
-        "key": "certificate.key"
+        "ca": "/etc/pki/certs/flocktofedora.org.intermediate.crt",
+        "key": "/etc/pki/certs/flocktofedora.org.key"
       }
     },