commit 98a0178f81425c26d11c3f249a5f4053114c32f0
parent 7e6c64cbc888c5cfcad8dccfef259e717ef4b3cb
Author: Paco Esteban <paco@e1e0.net>
Date: Tue, 7 Jan 2020 20:18:55 +0100
add vhost options and fix templates
Diffstat:
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/roles/httpd/defaults/main.yml b/roles/httpd/defaults/main.yml
@@ -6,6 +6,7 @@ http_servers:
- server_name: "default"
#no_logging: true
root: "/htdocs/null"
+ httpd_options: []
locations:
- name: "/.well-known/acme-challenge/*"
options:
diff --git a/roles/httpd/templates/acme-client.conf.j2 b/roles/httpd/templates/acme-client.conf.j2
@@ -10,7 +10,7 @@ authority letsencrypt-staging {
{% for server in https_servers %}
domain {{ server.server_name }} {
-{% if server.server_aliases|length > 0 %}
+{% if server.server_aliases is defined and server.server_aliases|length %}
alternative names { {% for server_alias in server.server_aliases -%} {{ server_alias }} {% endfor %} }
{% endif %}
domain key "/etc/ssl/letsencrypt/{{ server.server_name }}/privkey.pem"
diff --git a/roles/httpd/templates/https-host.conf.j2 b/roles/httpd/templates/https-host.conf.j2
@@ -1,9 +1,11 @@
server "{{ item.server_name }}" {
listen on {{ httpd_ext_addr }} tls port 443
+{% if item.server_aliases is defined %}
{% for server_alias in item.server_aliases %}
alias {{ server_alias }}
{% endfor %}
+{% endif %}
tls {
certificate "/etc/ssl/letsencrypt/{{ item.server_name }}/fullchain.pem"
@@ -19,6 +21,12 @@ server "{{ item.server_name }}" {
}
{% endif %}
+{% if item.httpd_options is defined %}
+{% for o in item.httpd_options %}
+ {{ o }}
+{% endfor %}
+{% endif %}
+
{% for location in item.locations %}
location "{{ location.name }}" {
{% for opt in location.options %}
