summaryrefslogtreecommitdiff
path: root/roles/nginx/vhost/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/nginx/vhost/tasks/main.yml')
-rw-r--r--roles/nginx/vhost/tasks/main.yml26
1 files changed, 24 insertions, 2 deletions
diff --git a/roles/nginx/vhost/tasks/main.yml b/roles/nginx/vhost/tasks/main.yml
index 1b5e3392..2c1f0f29 100644
--- a/roles/nginx/vhost/tasks/main.yml
+++ b/roles/nginx/vhost/tasks/main.yml
@@ -1,4 +1,15 @@
---
+- name: ensure certificate exists (fake it, until you make it)
+ when: "'tls' in nginx_vhost"
+ vars:
+ x509_certificate_name: "{{ nginx_vhost.name }}"
+ x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}"
+ x509_certificate_reload_services:
+ - nginx
+ include_role:
+ name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/prepare"
+ public: true
+
- name: install nginx configs from template
when: "'template' in nginx_vhost"
template:
@@ -23,5 +34,16 @@
notify: reload nginx
- name: generate acme certificate
- when: "'acme' in nginx_vhost and nginx_vhost.acme"
- include_tasks: acme.yml
+ when: "'tls' in nginx_vhost"
+ block:
+ - name: make sure nginx config has been (re)loaded
+ meta: flush_handlers
+
+ - name: actually request the certificate
+ vars:
+ x509_certificate_name: "{{ nginx_vhost.name }}"
+ x509_certificate_hostnames: "{{ nginx_vhost.hostnames }}"
+ x509_certificate_reload_services:
+ - nginx
+ include_role:
+ name: "x509/{{ nginx_vhost.tls.certificate_provider }}/cert/finalize"
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-05 15:43:12 +0000