refactored ssl

roles/native-homepage/tasks/main.yml

@@ -1,5 +1,5 @@
 - name: configure {{domain}}.conf
-  template: src=homepage.nginx.conf dest=/etc/nginx/conf.d/{{domain}}.conf
+  template: src=homepage.nginx.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
   notify: restart nginx
 
 - name: recieve {{domain}} certificate

roles/native-homepage/templates/homepage.nginx.conf

@@ -1,23 +0,0 @@
-#default
-server
-{
-  server_name {{domain}};
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
-  ssl_session_timeout 1d;
-  ssl_session_cache shared:SSL:50m;
-  ssl_session_tickets off;
-  ssl_prefer_server_ciphers on;
-  add_header Strict-Transport-Security max-age=15768000;
-  ssl_stapling on;
-  ssl_stapling_verify on;
-  ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/{{domain}}/privkey.pem;
-  ssl_trusted_certificate /etc/letsencrypt/live/{{domain}}/chain.pem;
-  
-  location /
-  {
-    root /usr/share/nginx/homepage;
-    index index.html index.htm;
-  }
-}

roles/native-homepage/templates/homepage.nginx.conf.j2

@@ -0,0 +1,13 @@
+#default
+server
+{
+  server_name {{domain}};
+  
+  {% include 'roles/native-letsencrypt/templates/ssl_header.j2' %}
+
+  location /
+  {
+    root /usr/share/nginx/homepage;
+    index index.html index.htm;
+  }
+}