commit 7b9af21abf
Author: Robert Kaussow <mail@geeklabor.de> Date: Thu Jun 4 23:09:15 2020 +0200 allow uploading a list of certificate files
This commit is contained in:
parent
e7b1797cef
commit
708c39fec5
49
index.md
49
index.md
@ -33,16 +33,13 @@ Setup [nginx](https://www.nginx.com/) webserver. Nginx is an open source reverse
|
|||||||
* [nginx_reset_timedout_connection](#nginx_reset_timedout_connection)
|
* [nginx_reset_timedout_connection](#nginx_reset_timedout_connection)
|
||||||
* [nginx_send_timeout](#nginx_send_timeout)
|
* [nginx_send_timeout](#nginx_send_timeout)
|
||||||
* [nginx_server_names_hash_bucket_size](#nginx_server_names_hash_bucket_size)
|
* [nginx_server_names_hash_bucket_size](#nginx_server_names_hash_bucket_size)
|
||||||
* [nginx_tls_cert_file](#nginx_tls_cert_file)
|
* [nginx_tls_certificates](#nginx_tls_certificates)
|
||||||
* [nginx_tls_cert_source](#nginx_tls_cert_source)
|
|
||||||
* [nginx_tls_ciphers](#nginx_tls_ciphers)
|
* [nginx_tls_ciphers](#nginx_tls_ciphers)
|
||||||
* [nginx_tls_dhparam_file](#nginx_tls_dhparam_file)
|
* [nginx_tls_dhparam_file](#nginx_tls_dhparam_file)
|
||||||
* [nginx_tls_dhparam_size](#nginx_tls_dhparam_size)
|
* [nginx_tls_dhparam_size](#nginx_tls_dhparam_size)
|
||||||
* [nginx_tls_ecdh_curve](#nginx_tls_ecdh_curve)
|
* [nginx_tls_ecdh_curve](#nginx_tls_ecdh_curve)
|
||||||
* [nginx_tls_enabled](#nginx_tls_enabled)
|
* [nginx_tls_enabled](#nginx_tls_enabled)
|
||||||
* [nginx_tls_hsts_enabled](#nginx_tls_hsts_enabled)
|
* [nginx_tls_hsts_enabled](#nginx_tls_hsts_enabled)
|
||||||
* [nginx_tls_key_file](#nginx_tls_key_file)
|
|
||||||
* [nginx_tls_key_source](#nginx_tls_key_source)
|
|
||||||
* [nginx_tls_ocsp_enabled](#nginx_tls_ocsp_enabled)
|
* [nginx_tls_ocsp_enabled](#nginx_tls_ocsp_enabled)
|
||||||
* [nginx_tls_ocsp_trusted_certificate](#nginx_tls_ocsp_trusted_certificate)
|
* [nginx_tls_ocsp_trusted_certificate](#nginx_tls_ocsp_trusted_certificate)
|
||||||
* [nginx_tls_versions](#nginx_tls_versions)
|
* [nginx_tls_versions](#nginx_tls_versions)
|
||||||
@ -314,24 +311,24 @@ nginx_send_timeout: 60
|
|||||||
nginx_server_names_hash_bucket_size: 32
|
nginx_server_names_hash_bucket_size: 32
|
||||||
```
|
```
|
||||||
|
|
||||||
### nginx_tls_cert_file
|
### nginx_tls_certificates
|
||||||
|
|
||||||
Set the destination filename.
|
|
||||||
|
|
||||||
#### Default value
|
#### Default value
|
||||||
|
|
||||||
```YAML
|
```YAML
|
||||||
nginx_tls_cert_file: mycert.pem
|
nginx_tls_certificates: []
|
||||||
```
|
```
|
||||||
|
|
||||||
### nginx_tls_cert_source
|
#### Example usage
|
||||||
|
|
||||||
Source has to be a file.
|
|
||||||
|
|
||||||
#### Default value
|
|
||||||
|
|
||||||
```YAML
|
```YAML
|
||||||
nginx_tls_cert_source: _unset_
|
nginx_tls_certificates:
|
||||||
|
- source: "{{ ansible_user_dir }}/files/mycert.pem"
|
||||||
|
dest: /etc/pki/tls/certs/mycert.pem
|
||||||
|
mode: 0644
|
||||||
|
- source: "{{ ansible_user_dir }}/files/mykey.pem"
|
||||||
|
dest: /etc/pki/tls/private/mykey.pem
|
||||||
|
mode: 0600
|
||||||
```
|
```
|
||||||
|
|
||||||
### nginx_tls_ciphers
|
### nginx_tls_ciphers
|
||||||
@ -387,26 +384,6 @@ nginx_tls_enabled: false
|
|||||||
nginx_tls_hsts_enabled: false
|
nginx_tls_hsts_enabled: false
|
||||||
```
|
```
|
||||||
|
|
||||||
### nginx_tls_key_file
|
|
||||||
|
|
||||||
Set the destination filename.
|
|
||||||
|
|
||||||
#### Default value
|
|
||||||
|
|
||||||
```YAML
|
|
||||||
nginx_tls_key_file: mykey.pem
|
|
||||||
```
|
|
||||||
|
|
||||||
### nginx_tls_key_source
|
|
||||||
|
|
||||||
Source has to be a file.
|
|
||||||
|
|
||||||
#### Default value
|
|
||||||
|
|
||||||
```YAML
|
|
||||||
nginx_tls_key_source: _unset_
|
|
||||||
```
|
|
||||||
|
|
||||||
### nginx_tls_ocsp_enabled
|
### nginx_tls_ocsp_enabled
|
||||||
|
|
||||||
#### Default value
|
#### Default value
|
||||||
@ -474,8 +451,8 @@ nginx_vhosts_default:
|
|||||||
tls_redirect: False # skips locations if enabled
|
tls_redirect: False # skips locations if enabled
|
||||||
tls_redirect_url:
|
tls_redirect_url:
|
||||||
tls:
|
tls:
|
||||||
cert: /etc/pki/tls/..
|
cert: /etc/pki/tls/certs/mycert.pem
|
||||||
key: /etc/pki/tls/..
|
key: /etc/pki/tls/private/mykey.pem
|
||||||
dhparam:
|
dhparam:
|
||||||
client_max_body_size:
|
client_max_body_size:
|
||||||
send_timeout:
|
send_timeout:
|
||||||
|
Loading…
Reference in New Issue
Block a user