| 12345678910111213141516171819202122 |
- ---
- # tasks file for mapserver-certificates
- - name: Install openssl to generate DH params
- apt: name=openssl state=present
- - name: Ensure nginx ssl directory exists
- file: dest=/etc/nginx/ssl/ state=directory
- - name: Create private ssl key from secret var
- copy: content="{{ mapserver_ssl_private_key }}" dest=/etc/nginx/ssl/wiki.ffdo.de.key
- - name: Create nginx server certificate from secret var
- copy: content="{{ mapserver_ssl_server_cert }}" dest=/etc/nginx/ssl/wiki.ffdo.de.crt
- - name: Deploy pregenerated DH params
- when: mapserver_use_pregenerated_dh_params
- copy: content="{{mapserver_dh_params}}" dest=/etc/nginx/dhparams.pem
- - name: Generate strong dhparams
- when: not mapserver_use_pregenerated_dh_params
- shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 creates=/etc/nginx/dhparams.pem
|
