2 files changed, 7 insertions, 1 deletions

diff --git a/roles/webserver/files/user_conf.d/memzero.conf b/roles/webserver/files/user_conf.d/memzero.conf
index 2da3a73..95e5280 100644
--- a/roles/webserver/files/user_conf.d/memzero.conf
+++ b/roles/webserver/files/user_conf.d/memzero.conf
@@ -7,7 +7,12 @@ server {
     server_name memzero.de www.memzero.de;
 
     # Load the certificate files.
-    include /etc/nginx/inc/ssl.conf;
+    ssl_certificate         /etc/letsencrypt/live/memzero/fullchain.pem;
+    ssl_certificate_key     /etc/letsencrypt/live/memzero/privkey.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/memzero/chain.pem;
+
+    # Load the Diffie-Hellman parameter.
+    ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
 
     root /www/memzero;
 
diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml
index 5e8be87..381ac21 100644
--- a/roles/webserver/tasks/main.yml
+++ b/roles/webserver/tasks/main.yml
@@ -28,6 +28,7 @@
       # Use 'Z' to privately relable selinux contexts.
       - "{{ DATA_ROOT }}/nginx/user_conf.d:/etc/nginx/user_conf.d:ro,Z"
       - "{{ DATA_ROOT }}/nginx/inc:/etc/nginx/inc:ro,Z"
+      - "{{ DATA_ROOT }}/nginx/certs:/etc/letsencrypt:Z"
       # Use 'z' to shared-ly relable selinux contexts.
       - "{{ DATA_ROOT }}/nginx/www:/www:ro,z"