diff options
Diffstat (limited to 'roles/webserver')
-rw-r--r-- | roles/webserver/files/user_conf.d/memzero.conf | 7 | ||||
-rw-r--r-- | roles/webserver/tasks/main.yml | 1 |
2 files changed, 7 insertions, 1 deletions
diff --git a/roles/webserver/files/user_conf.d/memzero.conf b/roles/webserver/files/user_conf.d/memzero.conf index 2da3a73..95e5280 100644 --- a/roles/webserver/files/user_conf.d/memzero.conf +++ b/roles/webserver/files/user_conf.d/memzero.conf @@ -7,7 +7,12 @@ server { server_name memzero.de www.memzero.de; # Load the certificate files. - include /etc/nginx/inc/ssl.conf; + ssl_certificate /etc/letsencrypt/live/memzero/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/memzero/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/memzero/chain.pem; + + # Load the Diffie-Hellman parameter. + ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem; root /www/memzero; diff --git a/roles/webserver/tasks/main.yml b/roles/webserver/tasks/main.yml index 5e8be87..381ac21 100644 --- a/roles/webserver/tasks/main.yml +++ b/roles/webserver/tasks/main.yml @@ -28,6 +28,7 @@ # Use 'Z' to privately relable selinux contexts. - "{{ DATA_ROOT }}/nginx/user_conf.d:/etc/nginx/user_conf.d:ro,Z" - "{{ DATA_ROOT }}/nginx/inc:/etc/nginx/inc:ro,Z" + - "{{ DATA_ROOT }}/nginx/certs:/etc/letsencrypt:Z" # Use 'z' to shared-ly relable selinux contexts. - "{{ DATA_ROOT }}/nginx/www:/www:ro,z" |