Add option to configure certs dir
parent
e3db997709
commit
51c515cf97
|
|
@ -16,9 +16,12 @@ This is the domain serving the API.
|
||||||
### `node_exporter_cert`
|
### `node_exporter_cert`
|
||||||
|
|
||||||
This specifies which domain should be used for SSL. Useful if you use wildcard
|
This specifies which domain should be used for SSL. Useful if you use wildcard
|
||||||
certs. These are expected to live in `/etc/nginx/certs`.
|
certs. These are expected to live in `certs_dir`.
|
||||||
|
|
||||||
### `prometheus_pass`
|
### `prometheus_pass`
|
||||||
|
|
||||||
This specifies the HTTP Basic Auth password to secure the prometheus endpoint.
|
This specifies the HTTP Basic Auth password to secure the prometheus endpoint.
|
||||||
|
|
||||||
|
### `certs_dir`
|
||||||
|
|
||||||
|
Location to look for certificates
|
||||||
|
|
|
||||||
|
|
@ -14,7 +14,7 @@
|
||||||
- name: Place reverse proxy conf
|
- name: Place reverse proxy conf
|
||||||
become: yes
|
become: yes
|
||||||
template:
|
template:
|
||||||
src: files/nginx.conf
|
src: templates/nginx.conf.j2
|
||||||
dest: /etc/nginx/conf.d/{{ node_exporter_domain }}.conf
|
dest: /etc/nginx/conf.d/{{ node_exporter_domain }}.conf
|
||||||
notify: Check and Reload nginx
|
notify: Check and Reload nginx
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,8 @@ server {
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
server_name {{ node_exporter_domain }};
|
server_name {{ node_exporter_domain }};
|
||||||
|
|
||||||
ssl_certificate /etc/nginx/certs/{{ node_exporter_cert }}/fullchain;
|
ssl_certificate {{ certs_dir }}/{{ node_exporter_cert }}/fullchain;
|
||||||
ssl_certificate_key /etc/nginx/certs/{{ node_exporter_cert }}/key;
|
ssl_certificate_key {{ certs_dir }}/{{ node_exporter_cert }}/key;
|
||||||
ssl_session_timeout 1d;
|
ssl_session_timeout 1d;
|
||||||
ssl_session_cache shared:SSL:50m;
|
ssl_session_cache shared:SSL:50m;
|
||||||
ssl_session_tickets off;
|
ssl_session_tickets off;
|
||||||
Loading…
Reference in New Issue