From eeef43f2714e2b6aa1f034dadbe7dc9bfe8f6882 Mon Sep 17 00:00:00 2001 From: Kevin Fenzi Date: Thu, 18 Jul 2019 00:05:02 +0000 Subject: [PATCH] pagure / staging: try and use letsencrypt for docs.stg.pagure.org Signed-off-by: Kevin Fenzi --- roles/pagure/frontend/tasks/main.yml | 6 ++++++ roles/pagure/frontend/templates/0_pagure.conf | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/roles/pagure/frontend/tasks/main.yml b/roles/pagure/frontend/tasks/main.yml index 7a3d8503d9..778f1ccf1a 100644 --- a/roles/pagure/frontend/tasks/main.yml +++ b/roles/pagure/frontend/tasks/main.yml @@ -453,6 +453,12 @@ site_name: releases.stg.pagure.org when: env == 'pagure-staging' +- name: Letsencrypt for docs.stg.pagure.org + include_role: name=letsencrypt + vars: + site_name: docs.stg.pagure.org + when: env == 'pagure-staging' + - name: Letsencrypt for stg.pagure.org include_role: name=letsencrypt vars: diff --git a/roles/pagure/frontend/templates/0_pagure.conf b/roles/pagure/frontend/templates/0_pagure.conf index 57f475697d..8968f11cae 100644 --- a/roles/pagure/frontend/templates/0_pagure.conf +++ b/roles/pagure/frontend/templates/0_pagure.conf @@ -163,9 +163,15 @@ WSGIDaemonProcess paguredocs user=git group=git maximum-requests=1000 display-na # Use secure TLSv1.1 and TLSv1.2 ciphers Header always add Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" +{% if env == 'pagure-staging' %} + SSLCertificateFile /etc/pki/tls/certs/docs.stg.pagure.org.cert + SSLCertificateChainFile /etc/pki/tls/certs/docs.stg.pagure.org.intermediate.cert + SSLCertificateKeyFile /etc/pki/tls/private/docs.stg.pagure.org.key +{% else %} SSLCertificateFile /etc/pki/tls/certs/pagure.io.cert SSLCertificateChainFile /etc/pki/tls/certs/pagure.io.intermediate.cert SSLCertificateKeyFile /etc/pki/tls/certs/pagure.io.key +{% endif %} Alias /static /usr/lib/python2.7/site-packages/pagure/static/