diff options
Diffstat (limited to 'roles/nginx/vhost/tasks/main.yml')
-rw-r--r-- | roles/nginx/vhost/tasks/main.yml | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/roles/nginx/vhost/tasks/main.yml b/roles/nginx/vhost/tasks/main.yml index 1b5e3392..2c1f0f29 100644 --- a/roles/nginx/vhost/tasks/main.yml +++ b/roles/nginx/vhost/tasks/main.yml @@ -1,4 +1,15 @@ --- +- name: ensure certificate exists (fake it, until you make it) + when: "'tls' in nginx_vhost" + vars: + x509_certificate_name: "{{ nginx_vhost.name }}" + x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}" + x509_certificate_reload_services: + - nginx + include_role: + name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/prepare" + public: true + - name: install nginx configs from template when: "'template' in nginx_vhost" template: @@ -23,5 +34,16 @@ notify: reload nginx - name: generate acme certificate - when: "'acme' in nginx_vhost and nginx_vhost.acme" - include_tasks: acme.yml + when: "'tls' in nginx_vhost" + block: + - name: make sure nginx config has been (re)loaded + meta: flush_handlers + + - name: actually request the certificate + vars: + x509_certificate_name: "{{ nginx_vhost.name }}" + x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}" + x509_certificate_reload_services: + - nginx + include_role: + name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/finalize" |