diff --git a/docs/rolereference.rst b/docs/rolereference.rst index 1da5c84f8192ea4249a444c778f0d144de0efdae..26ed896ff4cd9fd754f87f7a4ff129f8a4272a3e 100644 --- a/docs/rolereference.rst +++ b/docs/rolereference.rst @@ -486,11 +486,11 @@ Parameters ` for value description and syntax. -**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_ldap.pem``) +**ldap_server_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_ldap.pem``) Path to file on Ansible host that contains the X.509 certificate used for TLS for LDAP service. The file will be copied to directory ``/etc/ssl/certs/``. -**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_ldap.key``) +**ldap_server_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_ldap.key``) Path to file on Ansible host that contains the private key used for TLS for LDAP service. The file will be copied to directory ``/etc/ssl/private/``. @@ -591,11 +591,11 @@ Parameters Prosody. Each item is a string with value equal to XMPP user ID (i.e. ``john.doe@example.com``). -**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_xmpp.key``) +**xmpp_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_xmpp.key``) Path to file on Ansible host that contains the private key used for TLS for XMPP service. The file will be copied to directory ``/etc/ssl/private/``. -**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_xmpp.pem``) +**xmpp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_xmpp.pem``) Path to file on Ansible host that contains the X.509 certificate used for TLS for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``. @@ -741,21 +741,21 @@ Parameters **mail_user_gid** (integer, optional, ``whatever OS picks``) GID of the user that owns all the mail files. -**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_imap.pem``) +**imap_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_imap.pem``) Path to file on Ansible host that contains the X.509 certificate used for TLS for IMAP and ManageSieve services. The file will be copied to directory ``/etc/ssl/certs/``. -**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/FQDN_imap.key``) +**imap_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_imap.key``) Path to file on Ansible host that contains the private key used for TLS for IMAP and ManageSieve services. The file will be copied to directory ``/etc/ssl/private/``. -**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/FQDN_smtp.pem``) +**smtp_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_smtp.pem``) Path to file on Ansible host that contains the X.509 certificate used for TLS for SMTP service. The file will be copied to directory ``/etc/ssl/certs/``. -**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/FQDN_smtp.key``) +**smtp_tls_key** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_smtp.key``) Path to file on Ansible host that contains the private key used for TLS for SMTP service. The file will be copied to directory ``/etc/ssl/private/``. @@ -897,18 +897,18 @@ The role implements the following: Parameters ~~~~~~~~~~ -**https_tls_key** (string, mandatory) +**https_tls_key** (string, optional, ``{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_web.key``) Path to file on Ansible host that contains the private key used for TLS for HTTPS service. The file will be copied to directory ``/etc/ssl/private/``. -**https_tls_certificate** (string, mandatory) +**https_tls_certificate** (string, optional, ``{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_web.pem``) Path to file on Ansible host that contains the X.509 certificate used for TLS for HTTPS service. The file will be copied to directory ``/etc/ssl/certs/``. -**web_default_title** (string, mandatory) +**web_default_title** (string, optional, ``Welcome``) Title for the default web page shown to users (if no other vhosts were matched). -**web_default_message** (string, mandatory) +**web_default_message** (string, optional, ``You are attempting to access the web server using a wrong name or an IP address. Please check your URL.``) Message for the default web page shown to users (if no other vhosts were matched). diff --git a/roles/web_server/defaults/main.yml b/roles/web_server/defaults/main.yml new file mode 100644 index 0000000000000000000000000000000000000000..97742fb1ac917bc7265b365e7824f1458316fb40 --- /dev/null +++ b/roles/web_server/defaults/main.yml @@ -0,0 +1,6 @@ +--- + +https_tls_key: "{{ tls_private_key_dir }}/ansible_facts[host]['fqdn']_web.key" +https_tls_certificate: "{{ tls_certificate_dir }}/ansible_facts[host]['fqdn']_web.pem }}" +web_default_title: "Welcome" +web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."