AnsibleRoles/ensure_apache
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add default TLS Certificates for "localhost"

Browse Source
This commit is contained in:
Jason Rothstein 2021-10-25 22:39:42 -05:00
parent 4afbe76369
commit b6e25d1ab8
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
tasks/main.yml
View File

@ -125,6 +125,18 @@
loop: '{{ http_vhost }}' loop: '{{ http_vhost }}'
loop_control: loop_control:
label: '{{ item.fqdn }} will be ensured' label: '{{ item.fqdn }} will be ensured'
- name: 'base vhost document root'
when:
- ansible_system == 'Linux'
- ensure_apache is defined
- http_vhost is defined
- http_vhost is iterable
ansible.builtin.file:
group: 'root'
owner: 'root'
mode: '0775'
path: '/srv/http'
state: 'directory'
- name: 'ensure vhost document roots' - name: 'ensure vhost document roots'
when: when:
- ansible_system == 'Linux' - ansible_system == 'Linux'

4
templates/Fedora/34/etc/httpd/conf.d/vhost.conf
View File

@ -65,8 +65,8 @@
SSLHonorCipherOrder on SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM SSLProxyCipherSuite PROFILE=SYSTEM
# SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
ServerName {{ item.fqdn }} ServerName {{ item.fqdn }}
ServerAdmin webmaster@firedragonenterprises.com ServerAdmin webmaster@firedragonenterprises.com
DocumentRoot /srv/http/{{ item.fqdn }} DocumentRoot /srv/http/{{ item.fqdn }}