summaryrefslogtreecommitdiff
path: root/roles
diff options
context:
space:
mode:
Diffstat (limited to 'roles')
-rw-r--r--roles/apps/node-red/instance/tasks/main.yml10
-rw-r--r--roles/apps/whawty/auth/instance/tasks/main.yml10
2 files changed, 6 insertions, 14 deletions
diff --git a/roles/apps/node-red/instance/tasks/main.yml b/roles/apps/node-red/instance/tasks/main.yml
index 38547f58..410a1b9f 100644
--- a/roles/apps/node-red/instance/tasks/main.yml
+++ b/roles/apps/node-red/instance/tasks/main.yml
@@ -52,7 +52,7 @@
x509_certificate_config:
ca: "{{ node_red_instances[node_red_instance].publish.zone.certificate_ca_config }}"
cert:
- common_name: "node-red-{{ node_red_instance }}"
+ common_name: "node-red-{{ node_red_instance }}.{{ inventory_hostname }}"
extended_key_usage:
- serverAuth
extended_key_usage_critical: yes
@@ -125,11 +125,7 @@
- name: configure nginx vhost for publishment
vars:
nginx_vhost__yaml: |
- {% if node_red_instances[node_red_instance].publish.zone.publisher == inventory_hostname %}
- name: "node-red-{{ node_red_instance }}"
- {% else %}
- name: "node-red-{{ node_red_instance }}-{{ inventory_hostname }}"
- {% endif %}
+ name: "node-red-{{ node_red_instance }}.{{ inventory_hostname }}"
template: generic
{% if 'tls' in node_red_instances[node_red_instance].publish %}
tls:
@@ -151,7 +147,7 @@
certificate_key: "/etc/ssl/apps-publish-{{ node_red_instances[node_red_instance].publish.zone.name }}/apps-publish-{{ node_red_instances[node_red_instance].publish.zone.name }}-key.pem"
trusted_certificate: "/etc/ssl/apps-publish-{{ node_red_instances[node_red_instance].publish.zone.name }}/apps-publish-{{ node_red_instances[node_red_instance].publish.zone.name }}-ca-crt.pem"
verify: "on"
- name: "node-red-{{ node_red_instance }}"
+ name: "node-red-{{ node_red_instance }}.{{ inventory_hostname }}"
protocols: "TLSv1.3"
{% if 'location_extra_directives' in node_red_instances[node_red_instance].publish %}
extra_directives: |
diff --git a/roles/apps/whawty/auth/instance/tasks/main.yml b/roles/apps/whawty/auth/instance/tasks/main.yml
index 1e2f6c0d..26ba63df 100644
--- a/roles/apps/whawty/auth/instance/tasks/main.yml
+++ b/roles/apps/whawty/auth/instance/tasks/main.yml
@@ -41,7 +41,7 @@
x509_certificate_config:
ca: "{{ whawty_auth_instances[whawty_auth_instance].publish.zone.certificate_ca_config }}"
cert:
- common_name: "whawty-auth-{{ whawty_auth_instance }}"
+ common_name: "whawty-auth-{{ whawty_auth_instance }}.{{ inventory_hostname }}"
extended_key_usage:
- serverAuth
extended_key_usage_critical: yes
@@ -125,11 +125,7 @@
- name: configure nginx vhost for publishment
vars:
nginx_vhost__yaml: |
- {% if whawty_auth_instances[whawty_auth_instance].publish.zone.publisher == inventory_hostname %}
- name: "whawty-auth-{{ whawty_auth_instance }}"
- {% else %}
- name: "whawty-auth-{{ whawty_auth_instance }}-{{ inventory_hostname }}"
- {% endif %}
+ name: "whawty-auth-{{ whawty_auth_instance }}.{{ inventory_hostname }}"
template: generic
{% if 'tls' in whawty_auth_instances[whawty_auth_instance].publish %}
tls:
@@ -149,7 +145,7 @@
proxy_ssl:
trusted_certificate: "/etc/ssl/apps-publish-{{ whawty_auth_instances[whawty_auth_instance].publish.zone.name }}/apps-publish-{{ whawty_auth_instances[whawty_auth_instance].publish.zone.name }}-ca-crt.pem"
verify: "on"
- name: "whawty-auth-{{ whawty_auth_instance }}"
+ name: "whawty-auth-{{ whawty_auth_instance }}.{{ inventory_hostname }}"
protocols: "TLSv1.3"
nginx_vhost: "{{ nginx_vhost__yaml | from_yaml }}"
include_role: