ISTI-ansible-roles
/
ansible-role-postgresql
5
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

Fix the letsencrypt defaults.

This commit is contained in:
Andrea Dell'Amico 2021-10-09 17:21:53 +02:00
parent 974c435e20
commit 7b2a0a1b1e
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
defaults/main.yml
View File

@ -120,8 +120,9 @@ psql_force_ssl_client_connection: False
postgresql_letsencrypt_managed: '{{ psql_enable_ssl }}' postgresql_letsencrypt_managed: '{{ psql_enable_ssl }}'
psql_ssl_privkey_global_file: '/var/lib/acme/live/{{ ansible_fqdn }}/privkey' psql_ssl_privkey_global_file: '/var/lib/acme/live/{{ ansible_fqdn }}/privkey'
psql_ssl_privkey_file: /etc/pki/postgresql/postgresql.key psql_ssl_privkey_file: /etc/pki/postgresql/postgresql.key
psql_ssl_cert_file: '/var/lib/acme/live/{{ ansible_fqdn }}/cert' psql_ssl_cert_file: '/var/lib/acme/live/{{ ansible_fqdn }}/fullchain'
psql_ssl_ca_file: '/var/lib/acme/live/{{ ansible_fqdn }}/fullchain' # In CentOS/RHEL is /etc/pki/tls/cert.pem
psql_ssl_ca_file: '/etc/ssl/certs/ca-certificates.crt'
psql_conf_ssl_parameters: psql_conf_ssl_parameters:
- { name: 'ssl', value: 'true' } - { name: 'ssl', value: 'true' }
- { name: 'ssl_cert_file', value: '{{ psql_ssl_cert_file }}' } - { name: 'ssl_cert_file', value: '{{ psql_ssl_cert_file }}' }