From 9b49e0c892331a74878af12b2f77b94215c9ec32 Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Tue, 11 Jun 2019 10:06:02 +0200 Subject: [PATCH] fix nginx tls handling --- defaults/main.yml | 2 -- tasks/nginx.yml | 16 ++-------------- 2 files changed, 2 insertions(+), 16 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 75ab533..80de6ef 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -69,8 +69,6 @@ droneci_gitea_skip_verify: False droneci_tls_cert_path: droneci.pem droneci_tls_key_path: droneci.pem -droneci_tls_source_use_content: False -droneci_tls_source_use_files: True droneci_tls_cert_source: mycert.pem droneci_tls_key_source: mykey.pem diff --git a/tasks/nginx.yml b/tasks/nginx.yml index 3709bc2..3984b02 100644 --- a/tasks/nginx.yml +++ b/tasks/nginx.yml @@ -1,18 +1,6 @@ --- - block: - - name: Copy certs and private key to nginx proxy (content) - copy: - content: "{{ item.src }}" - dest: "{{ item.dest }}" - mode: "{{ item.mode }}" - with_items: - - { src: "{{ droneci_tls_key_source }}", dest: '/etc/pki/tls/private/{{ droneci_tls_key_path | basename }}', mode: '0600' } - - { src: "{{ droneci_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ droneci_tls_cert_path | basename }}', mode: '0750' } - loop_control: - label: "{{ item.dest }}" - when: droneci_tls_source_use_content - - - name: Copy certs and private key to nginx proxy (files) + - name: Copy certs and private key to nginx proxy copy: src: "{{ item.src }}" dest: "{{ item.dest }}" @@ -22,10 +10,10 @@ - { src: "{{ droneci_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ droneci_tls_cert_path | basename }}', mode: '0750' } loop_control: label: "{{ item.dest }}" - when: droneci_tls_source_use_files delegate_to: "{{ droneci_nginx_server }}" become: True become_user: root + when: droneci_nginx_tls_enabled | bool tags: tls_renewal - block: