From ddd19378280e20c6968054cadee2dd72840b36ef Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Fri, 21 Feb 2020 15:39:15 +0100
Subject: [PATCH] copr-be-dev-aws: use letsencrypt.certificates for hosntame in
 lighttpd_dev config

---
 roles/copr/backend/templates/lighttpd/lighttpd_dev.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/roles/copr/backend/templates/lighttpd/lighttpd_dev.conf b/roles/copr/backend/templates/lighttpd/lighttpd_dev.conf
index 8dc0c610ed..39a6bcb22d 100644
--- a/roles/copr/backend/templates/lighttpd/lighttpd_dev.conf
+++ b/roles/copr/backend/templates/lighttpd/lighttpd_dev.conf
@@ -460,8 +460,10 @@ $HTTP["url"] =~ "^/.well-known/" {
 # Enable HTTPS
 $SERVER["socket"] == ":443" {
     ssl.engine              = "enable"
-    ssl.ca-file             = "/etc/letsencrypt/live/{{ inventory_hostname }}/chain.pem"
-    ssl.pemfile             = "/etc/letsencrypt/live/{{ inventory_hostname }}/combined.pem"
+{% for hostname, _ in letsencrypt.certificates.iteritems()  %}
+    ssl.ca-file             = "/etc/letsencrypt/live/{{ hostname }}/chain.pem"
+    ssl.pemfile             = "/etc/letsencrypt/live/{{ hostname }}/combined.pem"
+{% endfor %}
     ssl.honor-cipher-order  = "enable"
     # The following is OPTIONAL
     ssl.cipher-list         = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA128:AES128-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"