1 more command instead of shell + more jitsimeet_ prefix
This commit is contained in:
parent
0dbd76f077
commit
c34fe9a477
|
@ -115,7 +115,7 @@
|
|||
- name: Check if SSL certificate is present and register result
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/letsencrypt/live/{{ jitsimeet_domains |first }}/fullchain.pem"
|
||||
register: ssl
|
||||
register: jitsimeet_ssl
|
||||
|
||||
- name: Generate certificate only if required (first time)
|
||||
block:
|
||||
|
@ -140,12 +140,12 @@
|
|||
- name: Generate certificate with certbot
|
||||
ansible.builtin.command:
|
||||
cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ jitsimeet_certbot_admin_email }} -d {{ jitsimeet_domains |first }}
|
||||
when: ssl.stat.exists != true
|
||||
when: jitsimeet_ssl.stat.exists != true
|
||||
|
||||
- name: (Re)check if SSL certificate is present and register result
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/letsencrypt/live/{{ jitsimeet_domains |first }}/fullchain.pem"
|
||||
register: ssl
|
||||
register: jitsimeet_ssl
|
||||
|
||||
- name: (Re)template conf file for nginx vhost with SSL
|
||||
ansible.builtin.template:
|
||||
|
@ -175,11 +175,12 @@
|
|||
- name: Check if SSL certificate for coturn is present and register result
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/coturn/certs/{{ jitsimeet_turn_domains |first }}.crt"
|
||||
register: ssl_coturn
|
||||
register: jitsimeet_ssl_coturn
|
||||
|
||||
- name: Generate certificate for coturn with certbot
|
||||
ansible.builtin.shell: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/coturn-certbot-deploy.sh --agree-tos --email {{ jitsimeet_certbot_admin_email }} -d {{ jitsimeet_turn_domains |first }}
|
||||
when: ssl_coturn.stat.exists != true
|
||||
ansible.builtin.command:
|
||||
cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/coturn-certbot-deploy.sh --agree-tos --email {{ jitsimeet_certbot_admin_email }} -d {{ jitsimeet_turn_domains |first }}
|
||||
when: jitsimeet_ssl_coturn.stat.exists != true
|
||||
|
||||
- name: Setup other domains if any
|
||||
include_tasks: other_domains.yml
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
- name: Check if SSL certificate is present and register result
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
|
||||
register: ssl
|
||||
register: jitsimeet_ssl
|
||||
|
||||
- name: Generate certificate only if required (first time)
|
||||
block:
|
||||
|
@ -40,12 +40,12 @@
|
|||
- name: Generate certificate with certbot
|
||||
ansible.builtin.command:
|
||||
cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ jitsimeet_certbot_admin_email }} -d {{ domain }}
|
||||
when: ssl.stat.exists != true
|
||||
when: jitsimeet_ssl.stat.exists != true
|
||||
|
||||
- name: (Re)check if SSL certificate is present and register result
|
||||
ansible.builtin.stat:
|
||||
path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
|
||||
register: ssl
|
||||
register: jitsimeet_ssl
|
||||
|
||||
- name: (Re)template conf file for nginx vhost with SSL
|
||||
ansible.builtin.template:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
map $arg_vnode $prosody_node {
|
||||
default prosody;
|
||||
v1 v1;
|
||||
|
@ -24,12 +24,12 @@ server {
|
|||
try_files $uri =404;
|
||||
allow all;
|
||||
}
|
||||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
location / { return 301 https://$host$request_uri; }
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
server {
|
||||
listen 8088 ssl http2;
|
||||
listen [::]:8088 ssl http2;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
server_names_hash_bucket_size 64;
|
||||
|
||||
types {
|
||||
|
@ -41,12 +41,12 @@ server {
|
|||
try_files $uri =404;
|
||||
allow all;
|
||||
}
|
||||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
location / { return 301 https://$host$request_uri; }
|
||||
{% endif %}
|
||||
}
|
||||
|
||||
{% if ssl.stat.exists %}
|
||||
{% if jitsimeet_ssl.stat.exists %}
|
||||
server {
|
||||
listen 8088 ssl http2;
|
||||
listen [::]:8088 ssl http2;
|
||||
|
|
Loading…
Reference in a new issue