diff options
| author | Lars Wirzenius <liw@liw.fi> | 2020-12-10 11:10:14 +0200 |
|---|---|---|
| committer | Lars Wirzenius <liw@liw.fi> | 2020-12-10 11:10:14 +0200 |
| commit | fe9ac650821a2fb1f88d8cb4165bcc433fccc936 (patch) | |
| tree | 3b64dbec44a7af672fbb70f7ce50dc394f3960ec /ansible/http.liw.fi.yml | |
| parent | 7bff05af43deb8ffad5f9c17a510d35151cf3754 (diff) | |
| download | ansibleness-fe9ac650821a2fb1f88d8cb4165bcc433fccc936.tar.gz | |
update for new http-static.vm.liw.fi
Diffstat (limited to 'ansible/http.liw.fi.yml')
| -rw-r--r-- | ansible/http.liw.fi.yml | 53 |
1 files changed, 30 insertions, 23 deletions
diff --git a/ansible/http.liw.fi.yml b/ansible/http.liw.fi.yml index 7dc600e..10a9e72 100644 --- a/ansible/http.liw.fi.yml +++ b/ansible/http.liw.fi.yml @@ -2,10 +2,9 @@ remote_user: root roles: - role: sane_debian_system - - role: comfortable-debian-system - role: unix_users - role: apache_server - tags: [apache] + - role: comfortable-debian-system - role: self-updating-system vars: sane_debian_system_version: 1 @@ -33,6 +32,8 @@ static_sites: + # Sites that refer to this server via CNAME will work out of the box. + - domain: http-static.vm.liw.fi owner: liw ownermail: liw@liw.fi @@ -73,7 +74,7 @@ owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert1 + letsencrypt_cert: cer1 - domain: journal.liw.fi owner: ickliwfi @@ -83,12 +84,6 @@ htpasswd: "{{ lookup('pipe', 'pass journal.liw.fi.htpasswd') }}" htpasswd_name: "Private site by Lars. Go away." - - domain: ick.liw.fi - owner: ickliwfi - ownermail: liw@liw.fi - letsencrypt: yes - letsencrypt_cert: cert1 - - domain: noir.liw.fi owner: ickliwfi ownermail: liw@liw.fi @@ -101,17 +96,11 @@ letsencrypt: yes letsencrypt_cert: cert1 - - domain: obnam.org - owner: ickliwfi - ownermail: liw@liw.fi - letsencrypt: yes - letsencrypt_cert: cert2 - - domain: doc.obnam.org owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert2 + letsencrypt_cert: cert1 - domain: seinfeld.liw.fi owner: ickliwfi @@ -135,31 +124,49 @@ owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert2 + letsencrypt_cert: cert1 - domain: 256.liw.fi owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert3 + letsencrypt_cert: cert1 - domain: gtdfh.liw.fi owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert5 + letsencrypt_cert: cert1 - - domain: liw.fi + - domain: blog.liw.fi owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert7 + letsencrypt_cert: cert1 - - domain: blog.liw.fi + # Sites that need to be changed in DNS (A record) before Let's + # Encrypt certificates can be created. Comment these out until + # DNS has been changed. + + - domain: ick.liw.fi owner: ickliwfi ownermail: liw@liw.fi letsencrypt: yes - letsencrypt_cert: cert7 + letsencrypt_cert: cert3 + + - domain: obnam.org + owner: ickliwfi + ownermail: liw@liw.fi + letsencrypt: yes + letsencrypt_cert: cert2 + + - domain: liw.fi + owner: ickliwfi + ownermail: liw@liw.fi + letsencrypt: yes + letsencrypt_cert: cert2 + + # Sites without HTTPS. - domain: yotyonzen.docstory.fi owner: liw |