(refactor) rm get_tld
parent
3d14d13b99
commit
1153fffc16
|
@ -1,4 +1,4 @@
|
||||||
# {{ ansible_managed }}
|
# {{ ansible_managed }
|
||||||
# commit: {{ lookup('pipe', 'git rev-parse --short HEAD') }}
|
# commit: {{ lookup('pipe', 'git rev-parse --short HEAD') }}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
@ -17,10 +17,10 @@ server {
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
ssl_dhparam {{ ssl_dir }}/dhparams.pem;
|
ssl_dhparam {{ ssl_dir }}/dhparams.pem;
|
||||||
ssl_ecdh_curve secp384r1;
|
ssl_ecdh_curve secp384r1;
|
||||||
ssl_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_tld }}/key.pem;
|
ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
|
||||||
ssl_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
ssl_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||||
ssl_certificate_key {{ certs_dir }}/{{ domain | get_tld }}/key.pem;
|
ssl_certificate_key {{ certs_dir }}/{{ domain | get_cert_domain }}/key.pem;
|
||||||
|
|
||||||
##
|
##
|
||||||
# OCSP Stapling
|
# OCSP Stapling
|
||||||
|
@ -28,7 +28,7 @@ server {
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
resolver {{ dns_resolvers }} valid=300s;
|
resolver {{ dns_resolvers }} valid=300s;
|
||||||
ssl_trusted_certificate {{ certs_dir }}/{{ domain | get_tld }}/cert.pem;
|
ssl_trusted_certificate {{ certs_dir }}/{{ domain | get_cert_domain }}/cert.pem;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_set_header Host $http_host;
|
proxy_set_header Host $http_host;
|
||||||
|
|
Loading…
Reference in New Issue