Prepare nginx to be used without SSL.

2016-06-18 13:21:21 +02:00 · 2016-06-18 13:21:21 +02:00 · b83b2f02f1
commit b83b2f02f1
parent 89c9e8031c
5 changed files with 10 additions and 6 deletions
--- a/roles/gogs/meta/main.yml
+++ b/roles/gogs/meta/main.yml
@ -2,4 +2,4 @@
 dependencies:
 - { role: certmgr }
- { role: nginx }
+- { role: nginx, nginx_ssl: True }
--- a/roles/mail/meta/main.yml
+++ b/roles/mail/meta/main.yml
@ -2,4 +2,4 @@
 dependencies:
 - { role: certmgr }
- { role: nginx }
+- { role: nginx, nginx_ssl: True }
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@ -8,13 +8,16 @@
 - name: Create certificate directory
  file: path=/etc/nginx/ssl state=directory mode=0750
  when: nginx_ssl == True
 - name: Ensure certificates are available
  command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ ansible_fqdn }}.key -out /etc/nginx/ssl/{{ ansible_fqdn }}.crt -days 730 -subj "/CN={{ ansible_fqdn }}" creates=/etc/nginx/ssl/{{ ansible_fqdn }}.crt
  when: nginx_ssl == True
  notify: Restart nginx
 - name: Ensure correct certificate permissions
  file: path=/etc/nginx/ssl/{{ ansible_fqdn }}.key owner=root mode=0400
  when: nginx_ssl == True
  notify: Restart nginx
 - name: Create DH parameters
@ -22,12 +25,13 @@
  with_items:
  - /etc/nginx/dhparam.pem
- name: Configure default vhost
+- name: Configure nginx
  copy: src=nginx.conf dest=/etc/nginx/nginx.conf
  notify: Restart nginx
- name: Enable default vhost
+- name: Configure default vhost
  template: src=default.j2 dest=/etc/nginx/sites-available/default
  when: nginx_ssl == True
  notify: Restart nginx
 - name: Start nginx
--- a/roles/owncloud/meta/main.yml
+++ b/roles/owncloud/meta/main.yml
@ -2,4 +2,4 @@
 dependencies:
 - { role: certmgr }
- { role: nginx }
+- { role: nginx, nginx_ssl: True }
--- a/roles/web/meta/main.yml
+++ b/roles/web/meta/main.yml
@ -2,4 +2,4 @@
 dependencies:
 - { role: certmgr }
- { role: nginx }
+- { role: nginx, nginx_ssl: True }