nginx: support certificates for multiple domains

Uses `tls_domains` config context property from NetBox.
This commit is contained in:
Timotej Lazar 2024-11-15 11:25:50 +01:00
parent 554bf1f711
commit c970c562a9
2 changed files with 8 additions and 1 deletions

3
roles/nginx/README.md Normal file
View file

@ -0,0 +1,3 @@
Install nginx, set up generic HTTPS redirects and the .well-known directory.
Acquire Let’s Encrypt certificates for the primary IP `dns_name` and any domains listed in the `tls_domains` context property.

View file

@ -26,7 +26,11 @@
- name: Get LE certificate
command:
cmd: certbot certonly --non-interactive --agree-tos --register-unsafely-without-email --webroot --webroot-path /srv/http -d {{ dns_name }}
cmd: >
certbot certonly
--non-interactive --agree-tos --register-unsafely-without-email
--webroot --webroot-path /srv/http
-d {{ ([dns_name] + tls_domains|default([])) | join(',') }}
creates: '/etc/letsencrypt/renewal/{{ dns_name }}.conf'
- name: Install certificate renewal deployment hook