diff options
Diffstat (limited to 'roles/apps')
-rw-r--r-- | roles/apps/bluespice/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/collabora/code/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/collabora/code/templates/nginx-vhost.conf.j2 | 4 | ||||
-rw-r--r-- | roles/apps/coturn/tasks/main.yml | 9 | ||||
-rw-r--r-- | roles/apps/etherpad-lite/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/etherpad-lite/templates/nginx-vhost.conf.j2 | 4 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/keycloak/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/mumble/tasks/main.yml | 6 | ||||
-rw-r--r-- | roles/apps/nextcloud/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/onlyoffice/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/pigallery2/tasks/main.yml | 3 | ||||
-rw-r--r-- | roles/apps/wikijs/tasks/main.yml | 3 |
13 files changed, 36 insertions, 14 deletions
diff --git a/roles/apps/bluespice/tasks/main.yml b/roles/apps/bluespice/tasks/main.yml index 899d1e1d..49ef2418 100644 --- a/roles/apps/bluespice/tasks/main.yml +++ b/roles/apps/bluespice/tasks/main.yml @@ -49,7 +49,8 @@ nginx_vhost: name: "bluespice-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: diff --git a/roles/apps/collabora/code/tasks/main.yml b/roles/apps/collabora/code/tasks/main.yml index db28bb65..8f4acc76 100644 --- a/roles/apps/collabora/code/tasks/main.yml +++ b/roles/apps/collabora/code/tasks/main.yml @@ -53,7 +53,8 @@ nginx_vhost: name: "collabora-code-{{ item.key }}" content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}" - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" include_role: diff --git a/roles/apps/collabora/code/templates/nginx-vhost.conf.j2 b/roles/apps/collabora/code/templates/nginx-vhost.conf.j2 index 04358976..8dd67fb7 100644 --- a/roles/apps/collabora/code/templates/nginx-vhost.conf.j2 +++ b/roles/apps/collabora/code/templates/nginx-vhost.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name {{ item.value.hostname }}; - include snippets/acmetool.conf; + include snippets/{{ acme_client }}.conf; location / { return 301 https://$host$request_uri; @@ -15,7 +15,7 @@ server { listen [::]:443 ssl http2; server_name {{ item.value.hostname }}; - include snippets/acmetool.conf; + include snippets/{{ acme_client }}.conf; include snippets/tls.conf; ssl_certificate {{ x509_certificate_path_fullchain }}; ssl_certificate_key {{ x509_certificate_path_key }}; diff --git a/roles/apps/coturn/tasks/main.yml b/roles/apps/coturn/tasks/main.yml index 42ccd2b3..bab53d99 100644 --- a/roles/apps/coturn/tasks/main.yml +++ b/roles/apps/coturn/tasks/main.yml @@ -1,4 +1,10 @@ --- +- name: check if acme_client is set to acmetool + assert: + msg: "this role currently only works with acmetool" + that: + - acme_client == "acmetool" + - name: add group for coturn group: name: coturn @@ -64,7 +70,8 @@ nginx_vhost: name: "coturn-{{ coturn_realm }}" content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}" - acme: true + tls: + certificate_provider: acmetool hostnames: "{{ coturn_hostnames }}" include_role: name: nginx/vhost diff --git a/roles/apps/etherpad-lite/tasks/main.yml b/roles/apps/etherpad-lite/tasks/main.yml index 072a6c09..495a0387 100644 --- a/roles/apps/etherpad-lite/tasks/main.yml +++ b/roles/apps/etherpad-lite/tasks/main.yml @@ -114,7 +114,8 @@ nginx_vhost: name: "etherpad-lite-{{ item.key }}" content: "{{ lookup('template', 'nginx-vhost.conf.j2') }}" - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: "{{ item.value.hostnames }}" include_role: name: nginx/vhost diff --git a/roles/apps/etherpad-lite/templates/nginx-vhost.conf.j2 b/roles/apps/etherpad-lite/templates/nginx-vhost.conf.j2 index 0ac9d0f0..c572a7eb 100644 --- a/roles/apps/etherpad-lite/templates/nginx-vhost.conf.j2 +++ b/roles/apps/etherpad-lite/templates/nginx-vhost.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name {{ item.value.hostnames | join(' ') }}; - include snippets/acmetool.conf; + include snippets/{{ acme_client }}.conf; location / { return 301 https://$host$request_uri; @@ -15,7 +15,7 @@ server { listen [::]:443 ssl http2; server_name {{ item.value.hostnames | join(' ') }}; - include snippets/acmetool.conf; + include snippets/{{ acme_client }}.conf; include snippets/tls.conf; ssl_certificate {{ x509_certificate_path_fullchain }}; ssl_certificate_key {{ x509_certificate_path_key }}; diff --git a/roles/apps/jitsi/meet/tasks/main.yml b/roles/apps/jitsi/meet/tasks/main.yml index eff8232b..1d55fc78 100644 --- a/roles/apps/jitsi/meet/tasks/main.yml +++ b/roles/apps/jitsi/meet/tasks/main.yml @@ -151,7 +151,8 @@ nginx_vhost: name: "jitsi-meet-{{ jitsi_meet_inst_name }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ jitsi_meet_hostname }}" locations: "{{ nginx_vhost_locations_base | combine(nginx_vhost_locations_streamui) }}" diff --git a/roles/apps/keycloak/tasks/main.yml b/roles/apps/keycloak/tasks/main.yml index 68806458..c3e93666 100644 --- a/roles/apps/keycloak/tasks/main.yml +++ b/roles/apps/keycloak/tasks/main.yml @@ -96,7 +96,8 @@ nginx_vhost: name: "keycloak-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: diff --git a/roles/apps/mumble/tasks/main.yml b/roles/apps/mumble/tasks/main.yml index 33331dca..92659b66 100644 --- a/roles/apps/mumble/tasks/main.yml +++ b/roles/apps/mumble/tasks/main.yml @@ -1,4 +1,10 @@ --- +- name: check if acme_client is set to acmetool + assert: + msg: "this role currently only works with acmetool" + that: + - acme_client == "acmetool" + - name: add group for mumble group: name: mumble diff --git a/roles/apps/nextcloud/tasks/main.yml b/roles/apps/nextcloud/tasks/main.yml index 29ab9c39..c9a9061c 100644 --- a/roles/apps/nextcloud/tasks/main.yml +++ b/roles/apps/nextcloud/tasks/main.yml @@ -160,7 +160,8 @@ nginx_vhost: name: "nextcloud-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: "{{ item.value.hostnames }}" locations: '/': diff --git a/roles/apps/onlyoffice/tasks/main.yml b/roles/apps/onlyoffice/tasks/main.yml index 957d8afe..960e811b 100644 --- a/roles/apps/onlyoffice/tasks/main.yml +++ b/roles/apps/onlyoffice/tasks/main.yml @@ -140,7 +140,8 @@ nginx_vhost: name: "onlyoffice-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: diff --git a/roles/apps/pigallery2/tasks/main.yml b/roles/apps/pigallery2/tasks/main.yml index b8b0166d..2a758da1 100644 --- a/roles/apps/pigallery2/tasks/main.yml +++ b/roles/apps/pigallery2/tasks/main.yml @@ -67,7 +67,8 @@ nginx_vhost: name: "pigallery2-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: diff --git a/roles/apps/wikijs/tasks/main.yml b/roles/apps/wikijs/tasks/main.yml index e2b03d24..10b0aa54 100644 --- a/roles/apps/wikijs/tasks/main.yml +++ b/roles/apps/wikijs/tasks/main.yml @@ -73,7 +73,8 @@ nginx_vhost: name: "wikijs-{{ item.key }}" template: generic - acme: true + tls: + certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: |