diff options
author | Christian Pointner <equinox@spreadspace.org> | 2023-08-22 19:53:49 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2023-08-22 19:53:49 +0200 |
commit | fc5d0657bfcba53ace230ff2ada64b7fcf9b97a3 (patch) | |
tree | 350a8d401e0113bff7d78aee4d8547cddf06b8f7 /roles/nginx/vhost/tasks/main.yml | |
parent | fix docker for debian bookworm+ (diff) | |
parent | some more cleanup for acme specific variables (diff) |
Merge branch 'topic/uacme'
Diffstat (limited to 'roles/nginx/vhost/tasks/main.yml')
-rw-r--r-- | roles/nginx/vhost/tasks/main.yml | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/roles/nginx/vhost/tasks/main.yml b/roles/nginx/vhost/tasks/main.yml index 1b5e3392..2c1f0f29 100644 --- a/roles/nginx/vhost/tasks/main.yml +++ b/roles/nginx/vhost/tasks/main.yml @@ -1,4 +1,15 @@ --- +- name: ensure certificate exists (fake it, until you make it) + when: "'tls' in nginx_vhost" + vars: + x509_certificate_name: "{{ nginx_vhost.name }}" + x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}" + x509_certificate_reload_services: + - nginx + include_role: + name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/prepare" + public: true + - name: install nginx configs from template when: "'template' in nginx_vhost" template: @@ -23,5 +34,16 @@ notify: reload nginx - name: generate acme certificate - when: "'acme' in nginx_vhost and nginx_vhost.acme" - include_tasks: acme.yml + when: "'tls' in nginx_vhost" + block: + - name: make sure nginx config has been (re)loaded + meta: flush_handlers + + - name: actually request the certificate + vars: + x509_certificate_name: "{{ nginx_vhost.name }}" + x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}" + x509_certificate_reload_services: + - nginx + include_role: + name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/finalize" |