Allow setting up a vhost for certgetter

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Patrick Uiterwijk <puiterwijk@redhat.com> 2017-09-09 22:25:08 +0000
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2017-09-09 23:27:40 +0000
commit: 863dffdb663ed522cd1e9e974732e1c0ead5d404 (patch)
tree: 5cd55256c27dd15f5e7c5f21e1e125e906cb8fb7
parent: bdb5d657c6a028e7ec54e4092b19b2872bc81598 (diff)
download: ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.tar.gz
ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.tar.xz
ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.zip
2 files changed, 5 insertions, 0 deletions
diff --git a/roles/httpd/website/defaults/main.yml b/roles/httpd/website/defaults/main.yml
index 99aa8b079..8ad299dd7 100644
--- a/roles/httpd/website/defaults/main.yml
+++ b/roles/httpd/website/defaults/main.yml
@@ -4,6 +4,7 @@
 
 server_aliases: []
 server_admin: webmaster@fedoraproject.org
+certbot: false
 ssl: true
 sslonly: false
 SSLCertificateChainFile: wildcard-2017.fedoraproject.org.intermediate.cert
diff --git a/roles/httpd/website/templates/website.conf b/roles/httpd/website/templates/website.conf
index 654745225..8eed64873 100644
--- a/roles/httpd/website/templates/website.conf
+++ b/roles/httpd/website/templates/website.conf
@@ -10,6 +10,10 @@
   SetOutputFilter DEFLATE
 {% endif %}
 
+{% if certbot %}
+  ProxyPass "/.well-known/acme-challenge" "http://certgetter01/.well-known/acme-challenge"
+{% endif %}
+
 {% if sslonly %}
   RewriteEngine On
   RewriteCond %{HTTPS} off
author	Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-09 22:25:08 +0000
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2017-09-09 23:27:40 +0000
commit	863dffdb663ed522cd1e9e974732e1c0ead5d404 (patch)
tree	5cd55256c27dd15f5e7c5f21e1e125e906cb8fb7
parent	bdb5d657c6a028e7ec54e4092b19b2872bc81598 (diff)
download	ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.tar.gz ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.tar.xz ansible-863dffdb663ed522cd1e9e974732e1c0ead5d404.zip