Commit 51506a88ff07150972d250b6165c21df5793d853
1 parent
43cf8729
Version v0.5.6. Add option to specify existing SSL certs.
Showing
4 changed files
with
16 additions
and
7 deletions
| 1 | +## 0.5.6 - 2017-05-19 | |
| 2 | +### Added | |
| 3 | +- Options :cert_path andd :key_path for the ssl hash in the attributes file. This gives the ability to specify existing SSL certs. | |
| 4 | + | |
| 1 | 5 | ## 0.5.5 - 2017-04-05 |
| 2 | 6 | ### Changed |
| 3 | 7 | - Update ca-certificate URL from 'http://curl.haxx.se/ca/cacert.pem' to 'https://curl.haxx.se/ca/cacert.pem'. | ... | ... |
| ... | ... | @@ -95,16 +95,17 @@ default['cfe-nginx-php-fpm']['nginx']['sites'] = [ |
| 95 | 95 | # |
| 96 | 96 | # # If LetsEncrypt is used, set to true. |
| 97 | 97 | # # le_sub_dir defaults to the server name. |
| 98 | - # # | |
| 99 | 98 | # :letsencrypt => false, |
| 100 | 99 | # :le_base_dir => '/etc/letsencrypt/live', |
| 101 | 100 | # :le_sub_dir => '<server_name>', |
| 102 | 101 | # |
| 103 | - # # If not using LetsEncrypt, specify cert and key here. | |
| 104 | - # # If using LetsEncrypt, these attributes are not used: | |
| 105 | - # # | |
| 106 | - # :cert => '<contents of chain cert here>', | |
| 107 | - # :key => '<contents of cert private key here>', | |
| 102 | + # # Paths can also be specified if using existing certs: | |
| 103 | + # :cert_path => 'path/to/cert', # default: nil | |
| 104 | + # :key_path => 'path/to/key', # default: nil | |
| 105 | + # | |
| 106 | + # # Otherwise, specify cert and key here: | |
| 107 | + # :cert => '<contents of chain cert here>', # default: nil | |
| 108 | + # :key => '<contents of cert private key here>', # default: nil | |
| 108 | 109 | # |
| 109 | 110 | # :self_signed => false, |
| 110 | 111 | # :cipher_suite => 'medium', # or 'modern' | ... | ... |
| ... | ... | @@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com' |
| 4 | 4 | license 'Apache License' |
| 5 | 5 | description 'Simplifies setup of Nginx+PHP-FPM in Chromedia.' |
| 6 | 6 | long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) |
| 7 | -version '0.5.5' | |
| 7 | +version '0.5.6' | |
| 8 | 8 | |
| 9 | 9 | { |
| 10 | 10 | 'openssl' => '4.4.0', | ... | ... |
| ... | ... | @@ -96,6 +96,10 @@ node[cb]['nginx']['sites'].each do |site| |
| 96 | 96 | path_crt = "#{le_base_dir}/#{le_sub_dir}/fullchain.pem" |
| 97 | 97 | path_key = "#{le_base_dir}/#{le_sub_dir}/privkey.pem" |
| 98 | 98 | |
| 99 | + elsif site_ssl[:cert_path] && site_ssl[:key_path] | |
| 100 | + path_crt = site_ssl[:cert_path] | |
| 101 | + path_key = site_ssl[:key_path] | |
| 102 | + | |
| 99 | 103 | else |
| 100 | 104 | path_crt = "#{priv_dir}/#{site_sname}.crt" |
| 101 | 105 | path_key = "#{priv_dir}/#{site_sname}.key" | ... | ... |