Add LOCAL_DOMAIN variable. #3
|
@ -2,3 +2,5 @@
|
|||
# Please note that the playbook will drop this database in preparation for Mastodon's
|
||||
# database setup process.
|
||||
DB_NAME:
|
||||
# Specify the hostname you wish to use (in case it doesn't match the server's name).
|
||||
LOCAL_DOMAIN:
|
||||
|
|
|
@ -16,7 +16,7 @@ DB_PASS=
|
|||
DB_PORT=5432
|
||||
|
||||
# Your instance's domain (Don't modify this, we get this from a variable)
|
||||
LOCAL_DOMAIN={{ ansible_nodename }}
|
||||
LOCAL_DOMAIN={{ LOCAL_DOMAIN }}
|
||||
# We have HTTPS enabled
|
||||
LOCAL_HTTPS=true
|
||||
|
||||
|
|
|
@ -18,11 +18,11 @@
|
|||
- name: Copy Mastodon nginx vhost template to sites-available
|
||||
template:
|
||||
src: mastodon-nginx.conf
|
||||
dest: /etc/nginx/sites-available/{{ ansible_nodename }}.conf
|
||||
dest: /etc/nginx/sites-available/{{ LOCAL_DOMAIN }}.conf
|
||||
- name: Enable Mastodon nginx vhost template
|
||||
file:
|
||||
src: /etc/nginx/sites-available/{{ ansible_nodename }}.conf
|
||||
dest: /etc/nginx/sites-enabled/{{ ansible_nodename }}.conf
|
||||
src: /etc/nginx/sites-available/{{ LOCAL_DOMAIN }}.conf
|
||||
dest: /etc/nginx/sites-enabled/{{ LOCAL_DOMAIN }}.conf
|
||||
state: link
|
||||
- name: Start nginx
|
||||
service: name=nginx state=started
|
||||
|
|
|
@ -6,7 +6,7 @@ map $http_upgrade $connection_upgrade {
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name {{ ansible_nodename }};
|
||||
server_name {{ LOCAL_DOMAIN }};
|
||||
# Useful for Let's Encrypt
|
||||
location /.well-known/acme-challenge/ { allow all; }
|
||||
location / { return 301 https://$host$request_uri; }
|
||||
|
@ -15,15 +15,15 @@ server {
|
|||
server {
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name {{ ansible_nodename }};
|
||||
server_name {{ LOCAL_DOMAIN }};
|
||||
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/{{ ansible_nodename }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ ansible_nodename }}/privkey.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/{{ LOCAL_DOMAIN }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ LOCAL_DOMAIN }}/privkey.pem;
|
||||
|
||||
keepalive_timeout 70;
|
||||
sendfile on;
|
||||
|
|
Loading…
Reference in New Issue