ops / cfe-nginx-php-fpm · Commits

Commit 51506a88ff07150972d250b6165c21df5793d853

Authored by Earth Ugat
1 parent 43cf8729

Version v0.5.6. Add option to specify existing SSL certs.

Inline Side-by-side
Showing 4 changed files with 16 additions and 7 deletions
  1 +## 0.5.6 - 2017-05-19
  2 +### Added
  3 +- Options :cert_path andd :key_path for the ssl hash in the attributes file. This gives the ability to specify existing SSL certs.
  4 +
1 ## 0.5.5 - 2017-04-05 5 ## 0.5.5 - 2017-04-05
2 ### Changed 6 ### Changed
3 - Update ca-certificate URL from 'http://curl.haxx.se/ca/cacert.pem' to 'https://curl.haxx.se/ca/cacert.pem'. 7 - Update ca-certificate URL from 'http://curl.haxx.se/ca/cacert.pem' to 'https://curl.haxx.se/ca/cacert.pem'.
@@ -95,16 +95,17 @@ default['cfe-nginx-php-fpm']['nginx']['sites'] = [ @@ -95,16 +95,17 @@ default['cfe-nginx-php-fpm']['nginx']['sites'] = [
95 # 95 #
96 # # If LetsEncrypt is used, set to true. 96 # # If LetsEncrypt is used, set to true.
97 # # le_sub_dir defaults to the server name. 97 # # le_sub_dir defaults to the server name.
98 - # #  
99 # :letsencrypt => false, 98 # :letsencrypt => false,
100 # :le_base_dir => '/etc/letsencrypt/live', 99 # :le_base_dir => '/etc/letsencrypt/live',
101 # :le_sub_dir => '<server_name>', 100 # :le_sub_dir => '<server_name>',
102 # 101 #
103 - # # If not using LetsEncrypt, specify cert and key here.  
104 - # # If using LetsEncrypt, these attributes are not used:  
105 - # #  
106 - # :cert => '<contents of chain cert here>',  
107 - # :key => '<contents of cert private key here>', 102 + # # Paths can also be specified if using existing certs:
  103 + # :cert_path => 'path/to/cert', # default: nil
  104 + # :key_path => 'path/to/key', # default: nil
  105 + #
  106 + # # Otherwise, specify cert and key here:
  107 + # :cert => '<contents of chain cert here>', # default: nil
  108 + # :key => '<contents of cert private key here>', # default: nil
108 # 109 #
109 # :self_signed => false, 110 # :self_signed => false,
110 # :cipher_suite => 'medium', # or 'modern' 111 # :cipher_suite => 'medium', # or 'modern'
@@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com' @@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com'
4 license 'Apache License' 4 license 'Apache License'
5 description 'Simplifies setup of Nginx+PHP-FPM in Chromedia.' 5 description 'Simplifies setup of Nginx+PHP-FPM in Chromedia.'
6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
7 -version '0.5.5' 7 +version '0.5.6'
8 8
9 { 9 {
10 'openssl' => '4.4.0', 10 'openssl' => '4.4.0',
@@ -96,6 +96,10 @@ node[cb]['nginx']['sites'].each do |site| @@ -96,6 +96,10 @@ node[cb]['nginx']['sites'].each do |site|
96 path_crt = "#{le_base_dir}/#{le_sub_dir}/fullchain.pem" 96 path_crt = "#{le_base_dir}/#{le_sub_dir}/fullchain.pem"
97 path_key = "#{le_base_dir}/#{le_sub_dir}/privkey.pem" 97 path_key = "#{le_base_dir}/#{le_sub_dir}/privkey.pem"
98 98
  99 + elsif site_ssl[:cert_path] && site_ssl[:key_path]
  100 + path_crt = site_ssl[:cert_path]
  101 + path_key = site_ssl[:key_path]
  102 +
99 else 103 else
100 path_crt = "#{priv_dir}/#{site_sname}.crt" 104 path_crt = "#{priv_dir}/#{site_sname}.crt"
101 path_key = "#{priv_dir}/#{site_sname}.key" 105 path_key = "#{priv_dir}/#{site_sname}.key"