diff --git a/defaults/main.yaml b/defaults/main.yaml index ef876c6..23bb8c0 100644 --- a/defaults/main.yaml +++ b/defaults/main.yaml @@ -8,9 +8,9 @@ nextcloud_subdomain: nextcloud nextcloud_www_path: '/var/www/nextcloud/' -nextcloud_ssl: false -nextcloud_ssl_certificate_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.crt" -nextcloud_ssl_key_path: "/etc/ssl/nginx/{{ nextcloud_subdomain }}.{{ domain_name }}.key" +nextcloud_ssl: true +nextcloud_ssl_certificate_path: "/etc/ssl/certs/ssl-cert-snakeoil.pem" +nextcloud_ssl_key_path: "/etc/ssl/private/ssl-cert-snakeoil.key" # Apache configuration diff --git a/tasks/apache2_template.yaml b/tasks/apache2_template.yaml index 2887ad8..f7619be 100644 --- a/tasks/apache2_template.yaml +++ b/tasks/apache2_template.yaml @@ -1,9 +1,19 @@ --- +- name: Write Apache2 SSL nextcloud.conf file + ansible.builtin.template: + src: apache2_ssl_nextcloud.conf.j2 + dest: "{{ nextcloud_apache2_config_path }}" + mode: '0644' + become: true + when: nextcloud_ssl + notify: Enable Nextcloud site + - name: Write Apache2 nextcloud.conf file ansible.builtin.template: src: apache2_nextcloud.conf.j2 dest: "{{ nextcloud_apache2_config_path }}" mode: '0644' become: true + when: not nextcloud_ssl notify: - Enable Nextcloud site diff --git a/templates/apache2_ssl_nextcloud.conf.j2 b/templates/apache2_ssl_nextcloud.conf.j2 new file mode 100644 index 0000000..299d88e --- /dev/null +++ b/templates/apache2_ssl_nextcloud.conf.j2 @@ -0,0 +1,32 @@ +# {{ ansible_managed }} + + + + ServerName {{ ansible_hostname }}.{{ domain_name }} + + DocumentRoot {{ nextcloud_www_path }} + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + SSLEngine on + SSLCertificateFile {{ nextcloud_ssl_certificate_path }} + SSLCertificateKeyFile {{ nextcloud_ssl_key_path }} + + + Require all granted + AllowOverride All + Options FollowSymLinks MultiViews + + + Dav off + + + + + SSLOptions +StdEnvVars + + + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet