(refactor) rm get_tld
parent
3d14d13b99
commit
1153fffc16
|
@ -1,4 +1,4 @@
|
|||
# {{ ansible_managed }}
|
||||
# {{ ansible_managed }
|
||||
# commit: {{ lookup('pipe', 'git rev-parse --short HEAD') }}
|
||||
|
||||
server {
|
||||
|
@ -17,10 +17,10 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_dhparam {{ ssl_dir }}/dhparams.pem;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_tld }}/key.pem;
|
||||
ssl_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_tld }}/key.pem;
|
||||
ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
|
||||
ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
|
||||
|
||||
##
|
||||
# OCSP Stapling
|
||||
|
@ -28,7 +28,7 @@ server {
|
|||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
resolver {{ dns_resolvers }} valid=300s;
|
||||
ssl_trusted_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
||||
ssl_trusted_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||
|
||||
location / {
|
||||
proxy_set_header Host $http_host;
|
||||
|
|
Loading…
Reference in New Issue