diff --git a/.certs b/.certs index e335178..7685cdd 160000 --- a/.certs +++ b/.certs @@ -1 +1 @@ -Subproject commit e335178e3fe9df1a82ac3de735d703b6a08939d0 +Subproject commit 7685cddf5200f168e26df2cf2b2863bc3e9dadb5 diff --git a/certs/websites/pyrocufflink.net.cer b/certs/websites/pyrocufflink.net.cer new file mode 120000 index 0000000..9ebe139 --- /dev/null +++ b/certs/websites/pyrocufflink.net.cer @@ -0,0 +1 @@ +../lego/_.pyrocufflink.net.crt \ No newline at end of file diff --git a/certs/websites/pyrocufflink.net.key b/certs/websites/pyrocufflink.net.key new file mode 120000 index 0000000..3253dd8 --- /dev/null +++ b/certs/websites/pyrocufflink.net.key @@ -0,0 +1 @@ +../lego/_.pyrocufflink.net.key \ No newline at end of file diff --git a/group_vars/public-web.yml b/group_vars/public-web.yml index f6048b8..1f601f1 100644 --- a/group_vars/public-web.yml +++ b/group_vars/public-web.yml @@ -6,8 +6,4 @@ nratonpass_publisher_keys: '{{ dchwww_publisher_keys }}' dcow_publisher_keys: '{{ dchwww_publisher_keys }}' chmod777_publisher_keys: '{{ dchwww_publisher_keys }}' apache_server_name: pyrocufflink.net -apache_ssl_certificate: - /var/lib/letsencrypt/live/pyrocufflink.net/fullchain.pem -apache_ssl_certificate_key: - /var/lib/letsencrypt/live/pyrocufflink.net/privkey.pem userdir_proxy_backend: http://files.pyrocufflink.blue diff --git a/hosts b/hosts index abce53f..4449a4e 100644 --- a/hosts +++ b/hosts @@ -17,7 +17,6 @@ burp1.pyrocufflink.blue [certbot] bw0.pyrocufflink.blue -web0.pyrocufflink.blue [dch-proxy] rprx0.pyrocufflink.blue diff --git a/roles/websites/pyrocufflink.net/meta/main.yml b/roles/websites/pyrocufflink.net/meta/main.yml deleted file mode 100644 index 32a8538..0000000 --- a/roles/websites/pyrocufflink.net/meta/main.yml +++ /dev/null @@ -1,4 +0,0 @@ -dependencies: -- role: certbot - certbot_domains: - - pyrocufflink.net diff --git a/roles/websites/pyrocufflink.net/templates/pyrocufflink.httpd.conf.j2 b/roles/websites/pyrocufflink.net/templates/pyrocufflink.httpd.conf.j2 index 9672a89..67c9401 100644 --- a/roles/websites/pyrocufflink.net/templates/pyrocufflink.httpd.conf.j2 +++ b/roles/websites/pyrocufflink.net/templates/pyrocufflink.httpd.conf.j2 @@ -3,8 +3,8 @@ ServerName pyrocufflink.net Include conf.d/ssl.include - SSLCertificateFile {{ apache_ssl_certificate }} - SSLCertificateKeyFile {{ apache_ssl_certificate_key }} + SSLCertificateFile /etc/pki/tls/certs/pyrocufflink.net.cer + SSLCertificateKeyFile /etc/pki/tls/private/pyrocufflink.net.key ProxyRequests Off RewriteEngine On diff --git a/websites.yml b/websites.yml index eea2614..2c5c128 100644 --- a/websites.yml +++ b/websites.yml @@ -3,6 +3,14 @@ apache_default_ssl_vhost: false roles: - apache + - role: cert + vars: + cert_src: websites/pyrocufflink.net.cer + cert_dest: /etc/pki/tls/certs/pyrocufflink.net.cer + cert_key_src: websites/pyrocufflink.net.key + cert_key_dest: /etc/pki/tls/private/pyrocufflink.net.key + tags: + - websites/pyrocufflink.net - role: websites/pyrocufflink.net tags: websites/pyrocufflink.net - role: websites/dustin.hatch.name