try and deal with name scoping some more
This commit is contained in:
parent
066c97690e
commit
c7f95e7c9e
6 changed files with 32 additions and 32 deletions
|
@ -26,7 +26,9 @@
|
|||
- rsyncd
|
||||
- apache
|
||||
- httpd/mod_ssl
|
||||
- { role: httpd/certificate, name: "{{wildcard_cert_name}}", SSLCertificateChainFile: "{{wildcard_int_file}}" }
|
||||
- role: httpd/certificate
|
||||
certname: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: "{{wildcard_int_file}}"
|
||||
- openvpn/client
|
||||
- batcave
|
||||
|
||||
|
|
|
@ -75,7 +75,7 @@
|
|||
- role: apache
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.fedorapeople.org
|
||||
certname: wildcard-2017.fedorapeople.org
|
||||
SSLCertificateChainFile: wildcard-2017.fedorapeople.org.intermediate.cert
|
||||
|
||||
- people
|
||||
|
|
|
@ -37,15 +37,16 @@
|
|||
- role: httpd/mod_ssl
|
||||
|
||||
- role: httpd/certificate
|
||||
name: "{{wildcard_cert_name}}"
|
||||
certname: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: "{{wildcard_int_file}}"
|
||||
|
||||
- role: httpd/website
|
||||
name: secondary.fedoraproject.org
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
- { role: httpd/website
|
||||
vars:
|
||||
- name: secondary.fedoraproject.org
|
||||
- cert_name: "{{wildcard_cert_name}}"
|
||||
server_aliases:
|
||||
- archive.fedoraproject.org
|
||||
- archives.fedoraproject.org
|
||||
- archives.fedoraproject.org }
|
||||
tasks:
|
||||
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
|
||||
- import_tasks: "{{ tasks_path }}/2fa_client.yml"
|
||||
|
|
|
@ -26,13 +26,10 @@
|
|||
- role: httpd/mod_ssl
|
||||
|
||||
- role: httpd/certificate
|
||||
name: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: "{{wildcard_int_file}}"
|
||||
certname: "{{wildcard_cert_name}}"
|
||||
SSLCertificateChainFile: "{{wildcard_int_file}}"}}
|
||||
|
||||
- role: httpd/website
|
||||
name: torrent.fedoraproject.org
|
||||
cert_name: "{{wildcard_cert_name}}"
|
||||
sslonly: true
|
||||
- {role: httpd/website, vars: {name: torrent.fedoraproject.org, cert_name: "{{wildcard_cert_name}}", sslonly: true}}
|
||||
|
||||
tasks:
|
||||
- import_tasks: "{{ tasks_path }}/yumrepos.yml"
|
||||
|
|
|
@ -16,72 +16,72 @@
|
|||
- role: httpd/mod_ssl
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.fedoraproject.org
|
||||
certname: wildcard-2017.fedoraproject.org
|
||||
SSLCertificateChainFile: wildcard-2017.fedoraproject.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.fedorahosted.org
|
||||
certname: wildcard-2017.fedorahosted.org
|
||||
SSLCertificateChainFile: wildcard-2017.fedorahosted.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.id.fedoraproject.org
|
||||
certname: wildcard-2017.id.fedoraproject.org
|
||||
SSLCertificateChainFile: wildcard-2017.id.fedoraproject.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.stg.fedoraproject.org
|
||||
certname: wildcard-2017.stg.fedoraproject.org
|
||||
SSLCertificateChainFile: wildcard-2017.stg.fedoraproject.org.intermediate.cert
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.app.os.stg.fedoraproject.org
|
||||
certname: wildcard-2017.app.os.stg.fedoraproject.org
|
||||
SSLCertificateChainFile: wildcard-2017.app.os.stg.fedoraproject.org.intermediate.cert
|
||||
when: env == "staging"
|
||||
tags:
|
||||
- app.os.fedoraproject.org
|
||||
|
||||
- role: httpd/certificate
|
||||
name: wildcard-2017.app.os.fedoraproject.org
|
||||
certname: wildcard-2017.app.os.fedoraproject.org
|
||||
SSLCertificateChainFile: wildcard-2017.app.os.fedoraproject.org.intermediate.cert
|
||||
tags:
|
||||
- app.os.fedoraproject.org
|
||||
|
||||
- role: httpd/certificate
|
||||
name: fedoramagazine.org
|
||||
certname: fedoramagazine.org
|
||||
SSLCertificateChainFile: fedoramagazine.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: fpaste.org
|
||||
certname: fpaste.org
|
||||
SSLCertificateChainFile: fpaste.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: getfedora.org
|
||||
certname: getfedora.org
|
||||
SSLCertificateChainFile: getfedora.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: flocktofedora.org
|
||||
certname: flocktofedora.org
|
||||
SSLCertificateChainFile: flocktofedora.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: qa.stg.fedoraproject.org
|
||||
certname: qa.stg.fedoraproject.org
|
||||
SSLCertificateChainFile: qa.stg.fedoraproject.org.intermediate.cert
|
||||
when: env == "staging"
|
||||
|
||||
- role: httpd/certificate
|
||||
name: qa.fedoraproject.org
|
||||
certname: qa.fedoraproject.org
|
||||
SSLCertificateChainFile: qa.fedoraproject.org.intermediate.cert
|
||||
|
||||
- role: httpd/certificate
|
||||
name: secondary.koji.fedoraproject.org.letsencrypt
|
||||
certname: secondary.koji.fedoraproject.org.letsencrypt
|
||||
SSLCertificateChainFile: secondary.koji.fedoraproject.org.letsencrypt.intermediate.crt
|
||||
|
||||
- role: httpd/certificate
|
||||
name: whatcanidoforfedora.org
|
||||
certname: whatcanidoforfedora.org
|
||||
SSLCertificateChainFile: whatcanidoforfedora.org.intermediate.crt
|
||||
tags:
|
||||
- whatcanidoforfedora.org
|
||||
|
||||
- role: httpd/certificate
|
||||
name: fedoracommunity.org
|
||||
certname: fedoracommunity.org
|
||||
SSLCertificateChainFile: fedoracommunity.org.intermediate.cert
|
||||
tags:
|
||||
- fedoracommunity.org
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
- httpd
|
||||
- httpd/certificate
|
||||
|
||||
- name: Copy {{name}}.cert
|
||||
- name: Copy {{certname}}.cert
|
||||
copy: >
|
||||
src={{item}}
|
||||
dest=/etc/pki/tls/certs/{{item | basename}}
|
||||
|
@ -27,14 +27,14 @@
|
|||
mode=0644
|
||||
with_first_found:
|
||||
- "{{private}}/files/httpd/{{cert}}.cert"
|
||||
- "{{private}}/files/httpd/{{name}}.cert"
|
||||
- "{{private}}/files/httpd/{{certname}}.cert"
|
||||
notify:
|
||||
- reload proxyhttpd
|
||||
tags:
|
||||
- httpd
|
||||
- httpd/certificate
|
||||
|
||||
- name: Copy {{name}}.key
|
||||
- name: Copy {{certname}}.key
|
||||
copy: >
|
||||
src={{item}}
|
||||
dest=/etc/pki/tls/private/{{item | basename}}
|
||||
|
@ -43,7 +43,7 @@
|
|||
mode=0600
|
||||
with_first_found:
|
||||
- "{{private}}/files/httpd/{{key}}.key"
|
||||
- "{{private}}/files/httpd/{{name}}.key"
|
||||
- "{{private}}/files/httpd/{{certname}}.key"
|
||||
notify:
|
||||
- reload proxyhttpd
|
||||
tags:
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue