diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 05:05:46 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2016-07-10 05:05:46 +0200 |
| commit | d6ff0c078e6d70e50c888e016a8a8b9b0d8d7782 (patch) | |
| tree | 03dc91145b2ccf5db868ca397e3029365fdbc50a /roles/lacme | |
| parent | 37464e75e1863a89d757077400543dea7b9317ac (diff) | |
Postfix MX/MSA instances: put certs in the the instance's $config_directory.
Diffstat (limited to 'roles/lacme')
| -rw-r--r-- | roles/lacme/templates/etc/lacme/lacme-certs.conf.j2 | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/roles/lacme/templates/etc/lacme/lacme-certs.conf.j2 b/roles/lacme/templates/etc/lacme/lacme-certs.conf.j2 index ca3415a..393826f 100644 --- a/roles/lacme/templates/etc/lacme/lacme-certs.conf.j2 +++ b/roles/lacme/templates/etc/lacme/lacme-certs.conf.j2 @@ -1,44 +1,44 @@ hash = sha512 keyusage = digitalSignature, keyEncipherment {% if 'IMAP' in group_names %} [imap] certificate-key = /etc/dovecot/ssl/imap.fripost.org.key certificate-chain = /etc/dovecot/ssl/imap.fripost.org.pem subject = /O=Fripost/CN=imap.fripost.org subjectAltName = DNS:imap.fripost.org,DNS:sieve.fripost.org notify = /bin/systemctl restart dovecot {% endif %} {% if 'MSA' in group_names %} [smtp] -certificate-key = /etc/postfix/ssl/smtp.fripost.org.key -certificate-chain = /etc/postfix/ssl/smtp.fripost.org.pem +certificate-key = /etc/postfix-{{ postfix_instance.MSA.name }}/ssl/smtp.fripost.org.key +certificate-chain = /etc/postfix-{{ postfix_instance.MSA.name }}/ssl/smtp.fripost.org.pem subject = /O=Fripost/CN=smtp.fripost.org notify = /bin/systemctl reload postfix {% endif %} {% if 'MX' in group_names %} [mx] -certificate-key = /etc/postfix/ssl/mx.fripost.org.key -certificate-chain = /etc/postfix/ssl/mx.fripost.org.pem +certificate-key = /etc/postfix-{{ postfix_instance.MX.name }}/ssl/mx.fripost.org.key +certificate-chain = /etc/postfix-{{ postfix_instance.MX.name }}/ssl/mx.fripost.org.pem subject = /O=Fripost/CN=mx{{ mxno }}.fripost.org notify = /bin/systemctl reload postfix {% endif %} {% if 'lists' in group_names %} [lists] certificate-key = /etc/nginx/ssl/lists.fripost.org.key certificate-chain = /etc/nginx/ssl/lists.fripost.org.pem subject = /O=Fripost/CN=lists.fripost.org notify = /bin/systemctl reload nginx {% endif %} {% if 'wiki' in group_names %} [www] certificate-key = /etc/nginx/ssl/www.fripost.org.key certificate-chain = /etc/nginx/ssl/www.fripost.org.pem subject = /O=Fripost/CN=fripost.org subjectAltName = DNS:fripost.org,DNS:www.fripost.org,DNS:wiki.fripost.org notify = /bin/systemctl reload nginx {% endif %} |