1
0
mirror of https://github.com/krislamo/vagrant-easyredmine synced 2024-12-16 07:20:36 +00:00

configure nginx with ssl

This commit is contained in:
Mark Heiges 2015-11-21 21:43:47 -05:00
parent fcbdd5c85b
commit d96039bf1a
3 changed files with 76 additions and 2 deletions

View File

@ -0,0 +1,54 @@
-----BEGIN CERTIFICATE-----
MIIEkDCCAngCAV4wDQYJKoZIhvcNAQELBQAwgZkxCzAJBgNVBAYTAlVTMRUwEwYD
VQQIEwxQZW5uc3lsdmFuaWExFTATBgNVBAcTDFBoaWxhZGVscGhpYTEtMCsGA1UE
ChMkQXBpREIgQmlvaW5mb3JtYXRpY3MgUmVzb3VyY2UgQ2VudGVyMQ4wDAYDVQQD
EwVBcGlEQjEdMBsGCSqGSIb3DQEJARYOaGVscEBhcGlkYi5vcmcwHhcNMTUxMTIx
MTgwNTQ0WhcNMjAxMTE5MTgwNTQ0WjCBgTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B0dlb3JnaWExDzANBgNVBAcMBkF0aGVuczEwMC4GA1UECgwnRXVQYXRoREIgQmlv
aW5mb3JtYXRpY3MgUmVzb3VyY2UgQ2VudGVyMR0wGwYDVQQDDBRyZWRtaW5lLnZt
LmFwaWRiLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANEq1+8B
1nbX/3JtvZAK3A0p4oqM6Zqy9t3C//BjlAhiaVFSGkvr3h+S8M8KL9m4Ty4GxxP0
1Ei7HtTyGc7/N3iiw1p+0eDcwT1SFT9p43M/pZpyq7Y0LO3XK5Pe3CN5pcTaqhEE
NoHgul6wvgr1U8XwSo197l3XnrkS2CAHJYKX+p3BdKC+83qzd62RvzW+Yo0J8ces
xTcNKf/bdKLhjbX3nfZsfPmVtimBlA8UyEnnUd+UVj88RPsF/tG/mrnRpd/+Z43C
90RYLiDGyRk4y+lBUEwVtaQpiN74L4DHjvjxXCgFr94Kwx7ADNlDmF+sq2lJHvG/
BnGjoJZg9zcsmIsCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEACtJ86trNYyXNDC+t
d01bxdXL4TjKxVT3Pg1arJadOWr5yfm5lvBLUGweRQj0KYP1GeRlN21HkbS8d8u+
tGRkdPS8MpCcmc+VjuiUVNeZCxSRxwNfq09x1yQVVVAoHI63roICY20wISNKtbdC
ylguWzJrUfx56X1ys9MkenKfuINsuABdtBDJ8A/17/rNkyeZTV4OgLEp2lCzCxGo
uW/5RmoYHoAS7d4uZO7zRu6ipScUGuZst+JsI8o1crA7rSeAsCMrK8BK5W5rntOI
47Jc4CD1xaVh2CjMzg+JaDRoYYPlRr77pw7LSzKv7H3dKzYKbBzWxTVhfzvwSBXN
ge6D19fNyXiXFjRQryWhTMXnadqeUWJogqDGGbHb2FNiiHajpGRP3Rl/YNjxQYvM
PG0oc1czY83HHNHSbfr/2vuP4rUI1JLmpRfxz6TkpVrlt6zk92PjtxesXgrGKYYE
R1dG1tzKADIYF65DgUPvlGlYSpHT8HkEXwohECtImiP6LWSMCCiM7LFlCX8N5r3j
EUAXLhqiOblyKQLCjN923Lgcf3E6w97P8xyasOpwYCXs6Kcu/aV70SpIaEa3mgHq
ZW3ERxyAQ8nhyGCGHGA/MV4AxahpO+I4hs2HH9SsEfIbqkKeWO08KsNONDe1WMPY
HSPWyR36nspAshocfNhwB4qxsnA=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA0SrX7wHWdtf/cm29kArcDSniiozpmrL23cL/8GOUCGJpUVIa
S+veH5Lwzwov2bhPLgbHE/TUSLse1PIZzv83eKLDWn7R4NzBPVIVP2njcz+lmnKr
tjQs7dcrk97cI3mlxNqqEQQ2geC6XrC+CvVTxfBKjX3uXdeeuRLYIAclgpf6ncF0
oL7zerN3rZG/Nb5ijQnxx6zFNw0p/9t0ouGNtfed9mx8+ZW2KYGUDxTISedR35RW
PzxE+wX+0b+audGl3/5njcL3RFguIMbJGTjL6UFQTBW1pCmI3vgvgMeO+PFcKAWv
3grDHsAM2UOYX6yraUke8b8GcaOglmD3NyyYiwIDAQABAoIBAQCVH7p7iA/jAvP4
HQ09GMDyEZ6VsQkLZfRi/peCRzxPDfqQI7zjy/G9CQHuWhDrZF/vLJ3aOH7wq5e7
si98SLC/rSsh5bC0ZC7RDShg4ZlrnUDv8DlD2cb+ep1y+zxvflcVFeCR6TMDPbkh
sViMb4OeZ0Z/wfyjowpiYHD9xJqVk4LwH3n609TBh3ve0ldS6E6nLkOYzR1aLqBO
RvwCmWG/lwbTuOctVrzZMmdq/+t7oOgLRhk0HoHHhFarZbKlXJVDcGaOoXRMJD+m
rSGF+YTsMRQuzMGAO6XNP+fzIDa7VUylsTFGxGFziYLeVbSyJbNMmgKc2x5URN9L
7hycaqehAoGBAOwQyMMywr4MtysUNF4VIspBjCHWiyByAcz+H9dGhjEMvu+qk/LO
Zt5JV/QWcNFJ+ZdiZII6l04Atlz7+j7iDS6MNO17jA9Pr/InwFa7Z66NwRbUOjPa
H/rvF/U49Ktqe0yLw3nbwC/oBHqicqXaCjon8pHnsm2S18aaEYpjEkC9AoGBAOLU
lFm1nlK5SZEu7csr9lcZCTRM0uNMud3CBvL6RoSbwsKIEoNtnyDmXnBctla1hZuQ
jHxzrA4cIz2Ml3SiibHzyT8qm1pISQ30hzOl4bYJTh9jjuMiZWSZQTiTkHkzcbMn
EGbWfoO92aBqn1AlzhGwbDrnkOLcoYjCwFVBSsbnAoGBAN5suh1h2KglZvjKIsV6
+LrFo/nGInTBtvylfO7j3lCdB9LeUGR5IefUB3FPK6GnJ+sBpF4oQqQWe72FFjbl
2zG+nagdvsw2czuhRNLz5S9NFWAjO2vb3EIdwd8meTKCNAbdsaNB8QWygXXjVk76
8KP3O9FKFI61y2WviVNxIaOpAoGBAMuxYlb9BWP8B9hccCYXIGwui1lv86EycWZ2
qo7fuRu0VD0kvJtRgailtwDoAMX01DpSoBXSOhuhoPPQoOGYZFZtObeDp2Z3q0Lg
59i1ie9Sg9kkKlhFtw+ToEISIZb1X5El71CqJYpgnmGz3cS3bknsSATNlgpjXpvV
Z6onq+LZAoGAPuK5y8vBIaRlf07UUW5NziM1vgbJFzbrkslSC4CAWn7Cz3150zNL
syWn+r2kWDIfp4XMXa2SoMrjHGJVro6Iv/C2CJzpajBkDS8qtZPAtbBE7dF3ZwbP
iIepRR0dQ6xKOo9wpg5UGh7Xckthet6Dnb8f1wRtjtuqt1fC4AdPYac=
-----END RSA PRIVATE KEY-----

View File

@ -21,8 +21,8 @@
- nginx
- passenger
- template: dest=/etc/nginx/conf.d/easyredmine.conf
src=easyredmine.conf.j2
- template: dest='/etc/nginx/conf.d/{{ ansible_fqdn }}.conf'
src=nginx.conf.j2
sudo: yes
notify: restart nginx
@ -31,6 +31,11 @@
sudo: yes
notify: restart nginx
- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
src='{{ nginx_pem }}'
sudo: yes
notify: restart nginx
- service: name=nginx
state=started
sudo: yes

View File

@ -0,0 +1,15 @@
server {
listen 80;
server_name {{ ansible_fqdn }};
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name {{ ansible_fqdn }};
ssl on;
ssl_certificate /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
ssl_certificate_key /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
root {{ redmine_root_dir }}/public;
passenger_enabled on;
}