diff options
author | Lars Wirzenius <liw@liw.fi> | 2024-03-27 09:21:07 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2024-03-27 09:21:07 +0200 |
commit | 6d572386c9bf5689eb79cf1cb40ab98f1766c3c9 (patch) | |
tree | db7934cf44037c1e247523731fa6ab10dd2ecf74 /ansible | |
parent | 1ee564bbc052cd3959d54eae2574e1264e41d096 (diff) | |
download | ansibleness-6d572386c9bf5689eb79cf1cb40ab98f1766c3c9.tar.gz |
monorepo.liw.fi: tls
Signed-off-by: Lars Wirzenius <liw@liw.fi>
Sponsored-by: author
Diffstat (limited to 'ansible')
-rw-r--r-- | ansible/monorepo.liw.fi.yml | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/ansible/monorepo.liw.fi.yml b/ansible/monorepo.liw.fi.yml index 1f1797d..8753552 100644 --- a/ansible/monorepo.liw.fi.yml +++ b/ansible/monorepo.liw.fi.yml @@ -9,6 +9,7 @@ tasks: - apt: name: + - curl - git - shell: | a2enmod cgi alias env @@ -37,6 +38,34 @@ ScriptAlias /git/ /usr/lib/git-core/git-http-backend/ </VirtualHost> dest: /etc/apache2/sites-enabled/000-default.conf + - copy: + content: | + <VirtualHost *:443> + ServerName monorepo.liw.fi + ServerAdmin liw@liw.fi + DocumentRoot /var/www/html + SSLEngine on + SSLCertificateFile /etc/letsencrypt/live/monorepo.liw.fi/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/monorepo.liw.fi/privkey.pem + + <Directory "/"> + AllowOverride None + Order deny,allow + Allow from all + </Directory> + + <Location "/> + Require all granted + </Location> + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SetEnv GIT_PROJECT_ROOT /home/liw/git + SetEnv GIT_HTTP_EXPORT_ALL + ScriptAlias /git/ /usr/lib/git-core/git-http-backend/ + </VirtualHost> + dest: /etc/apache2/sites-enabled/000-default.conf - systemd: name: apache2 state: restarted @@ -53,7 +82,7 @@ comment: Lars Wirzenius sudo: yes - letsencrypt: no + letsencrypt: yes letsencrypt_email: liw@liw.fi letsencrypt_main_domain: monorepo.liw.fi certbot_debian_release: bookworm |