Râu Cao
e4112a3626
Some recipes weren't updated for the proxy validation yet. Needed to split the ejabberd cert in two, so it can do normal validation on `.org` and proxy validation on `.chat`.
20 lines
640 B
Ruby
20 lines
640 B
Ruby
app_name = "hal8000_xmpp"
|
|
domain = node[app_name]['domain']
|
|
|
|
upstream_host = search(:node, "role:hubot").first["knife_zero"]["host"]
|
|
|
|
tls_cert_for domain do
|
|
auth "gandi_dns"
|
|
acme_domain "letsencrypt.kosmos.org"
|
|
action :create
|
|
end
|
|
|
|
openresty_site domain do
|
|
template 'nginx_conf_hubot.erb'
|
|
variables express_port: node[app_name]['http_port'],
|
|
server_name: node[app_name]['domain'],
|
|
ssl_cert: "/etc/letsencrypt/live/#{node[app_name]['domain']}/fullchain.pem",
|
|
ssl_key: "/etc/letsencrypt/live/#{node[app_name]['domain']}/privkey.pem",
|
|
upstream_host: upstream_host
|
|
end
|