From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 23 Jun 2016 01:34:12 +0000 (-0300)
Subject: Uses snakeoil cert for default 403 site
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=95da4e006a2bc31f409c78872472db3ac01250d4;p=puppet-nginx.git

Uses snakeoil cert for default 403 site
---

diff --git a/manifests/init.pp b/manifests/init.pp
index 23f4214..ef98597 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -22,7 +22,6 @@ class nginx inherits nginx::base {
   # Default site
   nginx::site { "default":
     ensure   => present,
-    ssl      => absent,
     source   => 'template',
     template => 'default',
     certbot  => false,
diff --git a/manifests/ssl.pp b/manifests/ssl.pp
index 899f4ff..8dc3407 100644
--- a/manifests/ssl.pp
+++ b/manifests/ssl.pp
@@ -2,6 +2,7 @@ class nginx::ssl(
   $session_timeout = '5m'
 ) {
   include ssl
+  include ssl::snakeoil
 
   class { 'certbot':
     pre_hook  => '/usr/sbin/service nginx stop',
diff --git a/templates/default-ssl.erb b/templates/default-ssl.erb
index 7a0e58f..4413461 100644
--- a/templates/default-ssl.erb
+++ b/templates/default-ssl.erb
@@ -2,7 +2,7 @@ server {
   listen              443 default_server;
   server_name         _;
   ssl                 on;
-  ssl_certificate     /etc/ssl/certs/example.org.crt;
-  ssl_certificate_key /etc/ssl/private/example.org.pem;
+  ssl_certificate     /etc/ssl/certs/ssl-cert-snakeoil.pem;
+  ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
   return              403;
 }