From 826cadda63fe4a5e2e394e0179097d5dc41b78bc Mon Sep 17 00:00:00 2001 From: Oliver Davies Date: Thu, 31 May 2018 23:25:35 +0100 Subject: [PATCH] Update domains and certificates --- ansible/provision.yml | 49 ++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 21 deletions(-) diff --git a/ansible/provision.yml b/ansible/provision.yml index 7fca4d88..161ad75a 100644 --- a/ansible/provision.yml +++ b/ansible/provision.yml @@ -7,37 +7,35 @@ vars: certbot_create_if_missing: yes - certbot_admin_email: opdavies+https@gmail.com + certbot_admin_email: 'opdavies+https@gmail.com' certbot_certs: - - email: '{{ certbot_admin_email }}' - domains: - - oliverdavi.es - - www.oliverdavi.es + - domains: + - oliverdavies.co.uk + - www.oliverdavies.co.uk - domains: - oliverdavies.uk - www.oliverdavies.uk + - domains: + - oliverdavi.es + - www.oliverdavi.es + nginx_vhosts: - listen: 80 - server_name: 'oliverdavi.es www.oliverdavi.es' - return: 301 https://{{ server_name }}$request_uri - filename: oliverdavi.es.80.conf - - - listen: 80 - server_name: 'oliverdavies.uk www.oliverdavies.uk' + server_name: _ return: 301 https://{{ server_name }}$request_uri filename: oliverdavies.uk.80.conf - listen: 443 ssl - server_name: 'oliverdavies.uk www.oliverdavies.uk' + server_name: oliverdavies.co.uk www.oliverdavies.co.uk extra_parameters: | - ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem; - ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + ssl_certificate /etc/letsencrypt/live/oliverdavies.co.uk/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/oliverdavies.co.uk/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.co.uk/fullchain.pem; return: 301 https://{{ server_name }}$request_uri - filename: oliverdavies.uk.443.conf + filename: oliverdavies.co.uk.443.conf - listen: 443 ssl - server_name: oliverdavi.es + server_name: oliverdavi.es www.oliverdavi.es extra_parameters: | ssl_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/oliverdavi.es/privkey.pem; @@ -45,6 +43,15 @@ return: 301 https://{{ server_name }}$request_uri filename: oliverdavi.es.443.conf + - listen: 443 ssl + server_name: oliverdavies.uk + extra_parameters: | + ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + return: 301 https://{{ server_name }}$request_uri + filename: oliverdavies.uk.443.conf + - listen: 443 ssl server_name: '{{ server_name }}' root: '/srv/{{ server_name }}/{{ ansistrano_current_dir }}/output_prod' @@ -52,9 +59,9 @@ nginx_access_log: '/var/log/nginx/{{ server_name }}_access.log warn' error_page: 404 /404.html extra_parameters: | - ssl_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/oliverdavi.es/privkey.pem; - ssl_trusted_certificate /etc/letsencrypt/live/oliverdavi.es/fullchain.pem; + ssl_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/oliverdavies.uk/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/oliverdavies.uk/fullchain.pem; rewrite ^/(services|work)/?$ /experience permanent; rewrite ^/about/?$ / permanent; @@ -202,7 +209,7 @@ rewrite ^/terms-and-conditions/?$ /terms permanent; rewrite ^/twitter/?$ https://twitter.com/opdavies permanent; rewrite ^/youtube/?$ https://www.youtube.com/channel/UC5QoKapQ4bXOVMvN_ng_TYw permanent; - filename: www.oliverdavi.es.443.conf + filename: www.oliverdavies.uk.443.conf roles: - name: geerlingguy.certbot