add ssl cert
This commit is contained in:
n.simonov
@@ -68,3 +68,47 @@ postgres_connection_password: '{{ vault.postgres_connection_password }}'
|
||||
# Example: `matrix_coturn_turn_external_ip_addresses: ['1.2.3.4', '4.5.6.7']`
|
||||
#
|
||||
# matrix_coturn_turn_external_ip_address: ''
|
||||
|
||||
# Disable ACME / Let's Encrypt support.
|
||||
traefik_config_certificatesResolvers_acme_enabled: false
|
||||
|
||||
# Disabling ACME support (above) automatically disables the SSL directory to be created.
|
||||
# Force-enable it to be created with this configuration, because we'll add our certificate files there.
|
||||
traefik_ssl_dir_enabled: true
|
||||
|
||||
# Tell Traefik to load our custom SSL key pair by extending provider configuration.
|
||||
# The key pair files are created below, in `aux_file_definitions`.
|
||||
# Note that the `/ssl/…` path is an **in-container path**, not a path on the host (like `/matrix/traefik/ssl`). Do not change it!
|
||||
traefik_provider_configuration_extension_yaml:
|
||||
tls:
|
||||
certificates:
|
||||
- certFile: /ssl/cert.pem
|
||||
keyFile: /ssl/privkey.pem
|
||||
stores:
|
||||
default:
|
||||
defaultCertificate:
|
||||
certFile: /ssl/cert.pem
|
||||
keyFile: /ssl/privkey.pem
|
||||
|
||||
# Use the aux role to create our custom files on the server.
|
||||
# If you'd like to do this manually, remove this `aux_file_definitions` variable.
|
||||
aux_file_definitions:
|
||||
# Create the privkey.pem file on the server by
|
||||
# uploading a file from the computer where Ansible is running.
|
||||
- dest: "{{ traefik_ssl_dir_path }}/privkey.pem"
|
||||
src: inventory/ssl/privkey.pem
|
||||
# Alternatively, comment out `src` above and uncomment the lines below to provide the certificate content inline.
|
||||
# Mind the indentation level (indented with two white space characters).
|
||||
# content: |
|
||||
# FILE CONTENT
|
||||
# HERE
|
||||
|
||||
# Create the cert.pem file on the server
|
||||
# uploading a file from the computer where Ansible is running.
|
||||
- dest: "{{ traefik_ssl_dir_path }}/cert.pem"
|
||||
src: inventory/ssl/cert.pem
|
||||
# Alternatively, comment out `src` above and uncomment the lines below to provide the certificate content inline.
|
||||
# Mind the indentation level (indented with two white space characters).
|
||||
# content: |
|
||||
# FILE CONTENT
|
||||
# HERE
|
||||
|
||||
Reference in New Issue
Block a user