diff --git a/roles/webgateway/templates/certbot.sh b/roles/webgateway/templates/certbot.sh index 3999ef3..c00ec81 100644 --- a/roles/webgateway/templates/certbot.sh +++ b/roles/webgateway/templates/certbot.sh @@ -1,8 +1,8 @@ #!/bin/bash # {{ansible_managed}} {% for proxysite in proxy %} -certbot renew --nginx --cert-name {{proxysite.domain}} +certbot renew --nginx --cert-name {{ proxysite.domain }} {% endfor %} {% for staticsite in static %} -certbot renew --nginx --cert-name {{staticsite.domain}} +certbot renew --nginx --cert-name {{ staticsite.domain }} {% endfor %} diff --git a/roles/webgateway/templates/nginx.conf b/roles/webgateway/templates/nginx.conf index 9a1f450..f7bcd84 100644 --- a/roles/webgateway/templates/nginx.conf +++ b/roles/webgateway/templates/nginx.conf @@ -62,11 +62,11 @@ http { server { listen 443 ssl http2; listen [::]:443 ssl http2 ipv6only=on; - server_name {{proxysite.domain}}; - ssl_certificate /etc/letsencrypt/live/{{proxysite.domain}}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{proxysite.domain}}/privkey.pem; + server_name {{ proxysite.domain }}; + ssl_certificate /etc/letsencrypt/live/{{ proxysite.domain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ proxysite.domain }}/privkey.pem; location /{ - proxy_pass https://{{proxysite.ip}}; + proxy_pass https://{{ proxysite.ip }}; proxy_ssl_verify off; } } @@ -77,10 +77,10 @@ http { server { listen 443 ssl http2; listen [::]:443 ssl http2 ipv6only=on; - server_name {{staticsite.domain}}; - ssl_certificate /etc/letsencrypt/live/{{proxysite.domain}}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{proxysite.domain}}/privkey.pem; - root {{staticsite.directory}}; + server_name {{ staticsite.domain }}; + ssl_certificate /etc/letsencrypt/live/{{ proxysite.domain }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ proxysite.domain }}/privkey.pem; + root {{ staticsite.directory }}; location /{ try_files $uri $uri/ =404; }