diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml index 558f07a2b8..9a08f8b9cd 100644 --- a/roles/copr/frontend/tasks/main.yml +++ b/roles/copr/frontend/tasks/main.yml @@ -109,7 +109,7 @@ - name: Check that cert file exists stat: - path: "/etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem" + path: "/etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem" register: stat_cert - name: Should admin run certbot? diff --git a/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2 b/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2 index 601d3977f4..f440be853f 100644 --- a/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2 +++ b/roles/copr/frontend/templates/httpd/coprs_ssl.conf.j2 @@ -14,12 +14,12 @@ Listen 443 https SSLCertificateKeyFile /etc/pki/tls/private/copr.fedorainfracloud.org.key SSLCertificateChainFile /etc/pki/tls/certs/copr.fedorainfracloud.org.intermediate.crt {% else %} - SSLCertificateFile /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem + SSLCertificateFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem + SSLCertificateKeyFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/privkey.pem + SSLCertificateChainFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/fullchain.pem {% endif %} - ServerName {{ inventory_hostname }} + ServerName {{ copr_frontend_public_hostname }} WSGIPassAuthorization On WSGIScriptAlias / /usr/share/copr/coprs_frontend/application @@ -68,14 +68,14 @@ Listen 443 https SSLCertificateKeyFile /etc/pki/tls/private/copr.fedorainfracloud.org.key SSLCertificateChainFile /etc/pki/tls/certs/copr.fedorainfracloud.org.intermediate.crt {% else %} - SSLCertificateFile /etc/letsencrypt/live/{{ inventory_hostname }}/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/{{ inventory_hostname }}/privkey.pem - SSLCertificateChainFile /etc/letsencrypt/live/{{ inventory_hostname }}/fullchain.pem + SSLCertificateFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/cert.pem + SSLCertificateKeyFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/privkey.pem + SSLCertificateChainFile /etc/letsencrypt/live/{{ copr_frontend_public_hostname }}/fullchain.pem {% endif %} - ServerAlias {{ inventory_hostname }} + ServerAlias {{ copr_frontend_public_hostname }} - Redirect 302 / https://{{ inventory_hostname }}/ + Redirect 302 / https://{{ copr_frontend_public_hostname }}/