From 93ccff9f130301e9cc863ce51e103cc80a090731 Mon Sep 17 00:00:00 2001
From: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Date: Mon, 9 Nov 2015 16:47:46 +0000
Subject: lighttpd: Add support for installing SSL certs

Change-Id: I4086b0302db67383d1bee62a45bd4538aa7dc745
---
 ansible/roles/trove-setup/tasks/lighttpd.yml | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

(limited to 'ansible/roles/trove-setup/tasks/lighttpd.yml')

diff --git a/ansible/roles/trove-setup/tasks/lighttpd.yml b/ansible/roles/trove-setup/tasks/lighttpd.yml
index d757b5d..300373b 100644
--- a/ansible/roles/trove-setup/tasks/lighttpd.yml
+++ b/ansible/roles/trove-setup/tasks/lighttpd.yml
@@ -7,12 +7,32 @@
               -keyout /etc/lighttpd/certs/lighttpd.pem \
               -out /etc/lighttpd/certs/lighttpd.pem -days 36525 -nodes
          creates=/etc/lighttpd/certs/lighttpd.pem
+  when: TROVE_SSL_PEMFILE is not defined
+
+- name: Copy certifiacte for lighttpd if provided
+  copy:
+    src: "{{ TROVE_SSL_PEMFILE }}"
+    dest: /etc/lighttpd/certs/lighttpd.pem
+    mode: 0400
+  when: TROVE_SSL_PEMFILE is defined
+
+- name: Copy certifiacte for lighttpd if provided
+  copy:
+    src: "{{ TROVE_SSL_CA_FILE }}"
+    dest: /etc/lighttpd/certs/ca-certs.pem
+    mode: 0400
+  when: TROVE_SSL_CA_FILE is defined
 
 - name: Create /var/run/lighttpd for cache user
   file: path=/var/run/lighttpd state=directory owner=cache group=cache
 
-# Now that the lighttpd certificates and the /var/run/lighttpd exist, we can
-# enable the lighttpd-git service
+- name: Create git-httpd.conf from template
+  template:
+    src: lighttpd/git-httpd.conf
+    dest: /etc/lighttpd/git-httpd.conf
+
+# Now that the lighttpd certificates, configuration files and /var/run/lighttpd
+# exist, we can enable the lighttpd-git service
 - name: Enable lighttpd-git service
   service: name=lighttpd-git.service enabled=yes
   register: lighttpd_git_service
-- 
cgit v1.2.1