Added variable to configure custom ssl certificate and key (#28)

hispanico · Jun 2, 2020 · 680512e · 680512e
1 parent c47d968
commit 680512e
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -46,6 +46,8 @@ nginx_revproxy_sites:                                         # List of sites to
     listen: 9000                                              # Specify which port you want to listen to with clear HTTP, or leave undefined for 80
     listen_ssl: 9001                                          # Specify which port you want to listen to with HTTPS, or leave undefined for 443
     ssl: true                                                 # Set to True if you want to redirect http to https
+    ssl_certificate: /etc/ssl/certs/ssl-cert-snakeoil.pem     # ssl certificate, used if letsencrypt is false
+    ssl_certificate_key: /etc/ssl/private/ssl-cert-snakeoil.key # ssl certificate key, used if letsencrypt is false
     letsencrypt: false                                        # Set to True if you want use letsencrypt
     letsencrypt_email: ""                                     # Set email for letencrypt cert
 ```

diff --git a/templates/reverseproxy_ssl.conf.j2 b/templates/reverseproxy_ssl.conf.j2
@@ -71,8 +71,8 @@ server {
    error_log /var/log/nginx/{{ item.key }}_error.log error;
 
    ssl on;
-   ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
-   ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
+   ssl_certificate {{ item.value.ssl_certificate | default('/etc/ssl/certs/ssl-cert-snakeoil.pem') }};
+   ssl_certificate_key {{ item.value.ssl_certificate_key | default ('/etc/ssl/private/ssl-cert-snakeoil.key') }};
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';