Use templating to generate ssl-certs.conf in known location

Generates ssl-certs.conf in /opt (alongside certbot) via template so location is known for copying to nginx config in the run_certbot.sh script.

Use templating to generate ssl-certs.conf in known location
Generates ssl-certs.conf in /opt (alongside certbot) via template so location is known for copying to nginx config in the run_certbot.sh script.
f91438a9 · Martin Fitzpatrick · Fred Smith · e3359162 · f91438a9 · f91438a9
Commit f91438a9 authored Sep 10, 2016 by Martin Fitzpatrick Committed by Fred Smith Nov 03, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 1 deletions

playbooks/roles/lets_encrypt/tasks/main.yml
+8 -0

playbooks/roles/lets_encrypt/templates/run_certbot.sh.j2
+1 -1

playbooks/roles/lets_encrypt/templates/ssl-certs.conf.j2
+0 -0

No files found.
--- a/playbooks/roles/lets_encrypt/tasks/main.yml
+++ b/playbooks/roles/lets_encrypt/tasks/main.yml
@@ -91,6 +91,14 @@
    - install
    - update
+- name: render nginx cert configuration file
+  template:
+    src: ssl-certs.conf.j2
+    dest: /opt/ssl-certs.conf
+    owner: root
+  tags:
+    - install
 - name: run certbot
  command: /opt/run_certbot.sh
  tags:

--- a/playbooks/roles/lets_encrypt/templates/run_certbot.sh.j2
+++ b/playbooks/roles/lets_encrypt/templates/run_certbot.sh.j2
@@ -28,7 +28,7 @@ ln -sf /etc/letsencrypt/live/{{ LETS_ENCRYPT_DOMAINS|first }}/privkey.pem /etc/s
 echo "Writing nginx certificate configuration..."
 # Copy the configuration file (with the above certs) into place
-cp /edx/app/edxapp/configuration/playbooks/roles/lets_encrypt/templates/ssl-certs.conf /etc/nginx/ssl-certs.conf
+cp /opt/ssl-certs.conf /etc/nginx/ssl-certs.conf
 # Stop nginx again if it wasn't running, or restart it if it was
 if [ "$nginxstate" == "stopped" ]; then

--- a/playbooks/roles/lets_encrypt/templates/ssl-certs.conf
+++ b/playbooks/roles/lets_encrypt/templates/ssl-certs.conf