|
|
|
@ -19,9 +19,28 @@
|
|
|
|
|
path: /etc/nginx/certs
|
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
|
|
- name: Generate Certificate for Domains
|
|
|
|
|
shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx"
|
|
|
|
|
args:
|
|
|
|
|
creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem"
|
|
|
|
|
|
|
|
|
|
- name: Copy certificates
|
|
|
|
|
file:
|
|
|
|
|
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/fullchain.pem"
|
|
|
|
|
dest: "/etc/nginx/certs/{{ matrix_server_name }}.crt"
|
|
|
|
|
state: link
|
|
|
|
|
force: yes
|
|
|
|
|
|
|
|
|
|
- name: Copy certificates key
|
|
|
|
|
file:
|
|
|
|
|
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/privkey.pem"
|
|
|
|
|
dest: "/etc/nginx/certs/{{ matrix_server_name }}.key"
|
|
|
|
|
state: link
|
|
|
|
|
force: yes
|
|
|
|
|
|
|
|
|
|
- name: Copy reverse proxy sites
|
|
|
|
|
template:
|
|
|
|
|
src: nginx/config_synapse
|
|
|
|
|
src: reverse_proxy
|
|
|
|
|
dest: /etc/nginx/sites-available/synapse
|
|
|
|
|
notify: Reload nginx
|
|
|
|
|
|
|
|
|
@ -33,14 +52,3 @@
|
|
|
|
|
force: yes
|
|
|
|
|
notify: Reload nginx
|
|
|
|
|
|
|
|
|
|
- name: Generate Certificate for Domains
|
|
|
|
|
shell: certbot certonly --standalone -d {{ matrix_server_name }} -m {{ vault_email }} --noninteractive --agree-tos --redirect --pre-hook "sudo systemctl stop nginx" --post-hook "sudo systemctl start nginx"
|
|
|
|
|
args:
|
|
|
|
|
creates: "/etc/letsencrypt/live/{{ matrix_server_name }}/cert.pem"
|
|
|
|
|
|
|
|
|
|
- name: Copy certificates
|
|
|
|
|
file:
|
|
|
|
|
src: "/etc/letsencrypt/live/{{ matrix_server_name }}/fullchain.pem"
|
|
|
|
|
dest: "/etc/nginx/certs/{{ matrix_server_name }}.crt"
|
|
|
|
|
state: link
|
|
|
|
|
force: yes
|
|
|
|
|