Better dh management

2026-02-24 09:03:29 +07:00 · 2016-01-12 11:16:41 +01:00
parent ad9c0fa979
commit 883948f081
6 changed files with 20 additions and 13 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -15,7 +15,7 @@
 - name: INCLUDE | htpasswd configuration
  include: htpasswd.yml

- name: INCLUDE | Vhosts configuration
+- name: INCLUDE | SSL configuration
  include: ssl.yml

 - name: INCLUDE | Vhosts configuration
--- a/tasks/ssl.yml
+++ b/tasks/ssl.yml
@@ -1,9 +1,18 @@
 ---

- name: COMMAND | Creates DH file
+- name: COMMAND | Generate DH file
  command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
  args:
    creates: "{{ nginx_dh_path }}"
+  when: nginx_dh is not string
+  notify: reload nginx
+
+- name: COPY | Deploy DH file from vars
+  copy: >
+    content="{{ nginx_dh }}"
+    dest="{{ nginx_dh_path }}"
+  when: nginx_dh is string
+  notify: reload nginx

 - name: FILE | Create SSL directories
  file: >
@@ -25,9 +34,3 @@
  with_items: nginx_ssl_pairs
  notify: reload nginx

-#- name: FAIL | Missmatch vhost SSL configuration
-#  fail: msg="FUCK {{ item.name }}"
-#
-#
-#
-#  nginx_ssl_dir + '/' + ssl_name + '/' + ssl_name + '.key'