From 7d4e3881415329e32e98c19c32266bb7a3109ca3 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 13 Jul 2017 16:44:39 +0200
Subject: [PATCH] apache: use snakeoil cert by default

---
 apache/defaults/main.yml                  | 2 ++
 apache/templates/evolinux-default.conf.j2 | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/apache/defaults/main.yml b/apache/defaults/main.yml
index 325e6056..9704ee24 100644
--- a/apache/defaults/main.yml
+++ b/apache/defaults/main.yml
@@ -7,6 +7,8 @@ apache_private_htpasswd_absent: []
 
 apache_default_redirect_url: "http://evolix.fr"
 apache_evolinux_default_enabled: True
+apache_evolinux_default_ssl_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
+apache_evolinux_default_ssl_key: /etc/ssl/private/ssl-cert-snakeoil.key
 
 apache_phpmyadmin_suffix: ""
 apache_serverstatus_suffix: ""
diff --git a/apache/templates/evolinux-default.conf.j2 b/apache/templates/evolinux-default.conf.j2
index 744c4319..8a5259f5 100644
--- a/apache/templates/evolinux-default.conf.j2
+++ b/apache/templates/evolinux-default.conf.j2
@@ -15,8 +15,8 @@
     DocumentRoot /var/www/
 
     SSLEngine on
-    SSLCertificateFile    /etc/ssl/certs/{{ ansible_fqdn }}.crt
-    SSLCertificateKeyFile /etc/ssl/private/{{ ansible_fqdn }}.key
+    SSLCertificateFile    {{ apache_evolinux_default_ssl_cert }}
+    SSLCertificateKeyFile {{ apache_evolinux_default_ssl_key }}
     # SSLProtocol all -SSLv2 -SSLv3
 
     <Directory /var/www/>