1 files changed, 11 insertions, 6 deletions

diff --git a/roles/apache_server/templates/virtualhost.conf.tmpl b/roles/apache_server/templates/virtualhost.conf.tmpl
index 5d06f0e..fd6bb51 100644
--- a/roles/apache_server/templates/virtualhost.conf.tmpl
+++ b/roles/apache_server/templates/virtualhost.conf.tmpl
@@ -7,11 +7,10 @@
     DocumentRoot /srv/http/{{ item.domain }}
     ErrorLog /var/log/apache2/{{ item.domain }}/error.log
     CustomLog /var/log/apache2/{{ item.domain }}/access.log combined
+    <Directory /srv/http/{{ item.domain }}>
 {% if item.letsencrypt|default(false) %}
-    Redirect permanent / "https://{{ item.domain }}/"
+        Redirect permanent / "https://{{ item.domain }}/"
 {% else %}
-    <Directory /srv/http/{{ item.domain }}>
-
         Options +SymlinksIfOwnerMatch +Indexes +MultiViews
 {% if item.htpasswd is defined %}
         AuthType Basic
@@ -22,8 +21,14 @@
         AllowOverride AuthConfig
         Require all granted
 {% endif %}
-    </Directory>
 {% endif %}
+    </Directory>
+
+    Alias /.well-known/ /srv/letsencrypt/{{ item.domain }}/
+    <Directory /srv/letsencrypt/{{ item.domain }}>
+        Require all granted
+    </Directory>
+
 </VirtualHost>
 
 
@@ -51,7 +56,7 @@
     </Directory>
 
     SSLEngine on
-    SSLCertificateFile	"/etc/letsencrypt/live/{{ letsencrypt_main_domain }}/fullchain.pem"
-    SSLCertificateKeyFile "/etc/letsencrypt/live/{{ letsencrypt_main_domain }}/privkey.pem"
+    SSLCertificateFile	"/etc/letsencrypt/live/static_sites/fullchain.pem"
+    SSLCertificateKeyFile "/etc/letsencrypt/live/static_sites/privkey.pem"
 </VirtualHost>
 {% endif %}