Implemented draft for wildcard certificate

2025-08-29 15:06:26 +02:00 · 2025-01-29 15:52:40 +01:00
parent eaed9837d1
commit eb6fdd29d3
9 changed files with 40 additions and 27 deletions
--- a/roles/docker-ldap/templates/nginx.stream.conf.j2
+++ b/roles/docker-ldap/templates/nginx.stream.conf.j2
@@ -3,8 +3,7 @@ server {
    proxy_pass 127.0.0.1:{{ldap_localhost_port}};

    # SSL Configuration for LDAPS
-    ssl_certificate /etc/letsencrypt/live/{{domain}}/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/{{domain}}/privkey.pem;
+    {% include 'roles/letsencrypt/templates/ssl_credentials.j2' %}
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
 }
--- a/roles/docker-ldap/vars/main.yml
+++ b/roles/docker-ldap/vars/main.yml
@@ -7,4 +7,6 @@ ldap_localhost_port:          389

 # OAuth2 Proxy Configuration
 oauth2_proxy_upstream_application_and_port: "{{ ldap_webinterface }}:{% if ldap_webinterface == 'phpldapadmin' %}8080{% else %}80{% endif %}"
-oauth2_proxy_active:                        true
+oauth2_proxy_active:                        true
+
+enable_one_letsencrypt_cert_for_all:  false