iac/rproxy
3
0
Fork 0
Code Issues Pull Requests Packages Releases 9 Activity

fullchain cert + fix 502

Browse Source
This commit is contained in:
apavlov
2024-07-01 20:30:29 +03:00
parent dc44f5d6dd
commit 6b4067be15
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/rproxy/tasks/main.yml
View File

@@ -73,6 +73,10 @@
ansible.builtin.shell: ansible.builtin.shell:
cmd: 'openssl x509 -req -CA {{ rproxy_dir }}/certs/RootCA.crt -CAkey {{ rproxy_dir }}/certs/RootCA.key -in {{ rproxy_dir }}/certs/{{ domain.stdout }}.csr -out {{ rproxy_dir }}/certs/{{ domain.stdout }}.crt -CAcreateserial' cmd: 'openssl x509 -req -CA {{ rproxy_dir }}/certs/RootCA.crt -CAkey {{ rproxy_dir }}/certs/RootCA.key -in {{ rproxy_dir }}/certs/{{ domain.stdout }}.csr -out {{ rproxy_dir }}/certs/{{ domain.stdout }}.crt -CAcreateserial'
- name: Create fullchain certificate
ansible.builtin.shell:
cmd: 'cat {{ rproxy_dir }}/certs/RootCA.crt >> {{ rproxy_dir }}/certs/{{ domain.stdout }}.crt'
- name: Delete csr - name: Delete csr
ansible.builtin.file: ansible.builtin.file:
path: "{{ rproxy_dir }}/certs/{{ domain.stdout }}.csr" path: "{{ rproxy_dir }}/certs/{{ domain.stdout }}.csr"

2
roles/rproxy/templates/server.conf.j2
View File

@@ -30,6 +30,6 @@ server {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://{{ rproxy_service_name }}.{{ domain.stdout }}/; proxy_pass http://{{ rproxy_service_name }}.{{ domain.stdout }}/;
} }
} }