Implemented SAN via Letsencrypt and Certbot

2025-08-29 15:06:26 +02:00 · 2025-04-28 16:47:51 +02:00
parent 0fc9c3e495
commit 04deeef385
28 changed files with 411 additions and 224 deletions
--- a/roles/letsencrypt/templates/letsencrypt.conf.j2
+++ b/roles/letsencrypt/templates/letsencrypt.conf.j2
@@ -9,7 +9,7 @@ server
  #letsencrypt
  location ^~ /.well-known/acme-challenge/ {
    allow all;
-    root /var/lib/letsencrypt/;
+    root {{ certbot_webroot_path }};
    default_type "text/plain";
    try_files $uri =404;
  }
--- a/roles/letsencrypt/templates/ssl_credentials.j2
+++ b/roles/letsencrypt/templates/ssl_credentials.j2
@@ -1,4 +1,3 @@
-{% set ssl_cert_folder = primary_domain if enable_wildcard_certificate | bool and primary_domain in domain else domain %}
-ssl_certificate /etc/letsencrypt/live/{{ ssl_cert_folder }}/fullchain.pem;
-ssl_certificate_key /etc/letsencrypt/live/{{ ssl_cert_folder }}/privkey.pem;
-ssl_trusted_certificate /etc/letsencrypt/live/{{ ssl_cert_folder }}/chain.pem;
+ssl_certificate         {{ certbot_cert_path }}/{{ ssl_cert_folder }}/fullchain.pem;
+ssl_certificate_key     {{ certbot_cert_path }}/{{ ssl_cert_folder }}/privkey.pem;
+ssl_trusted_certificate {{ certbot_cert_path }}/{{ ssl_cert_folder }}/chain.pem;