From ece03524c3cad2cede762aa75e7c1bf20601cb3e Mon Sep 17 00:00:00 2001
From: L3D <l3d@c3woc.de>
Date: Wed, 23 Dec 2020 20:02:06 +0100
Subject: [PATCH] try to fix acmetool and fix template path

---
 roles/acmetool_fix/README.md                  |  3 +++
 roles/acmetool_fix/defaults/main.yml          |  2 ++
 roles/acmetool_fix/tasks/main.yml             |  5 +++++
 site.yml                                      |  1 +
 .../files/nginx/sites/c3woc.org_tls.conf      | 22 +++++++++++++++++++
 5 files changed, 33 insertions(+)
 create mode 100644 roles/acmetool_fix/README.md
 create mode 100644 roles/acmetool_fix/defaults/main.yml
 create mode 100644 roles/acmetool_fix/tasks/main.yml
 create mode 100644 templates/files/nginx/sites/c3woc.org_tls.conf

diff --git a/roles/acmetool_fix/README.md b/roles/acmetool_fix/README.md
new file mode 100644
index 0000000..f1ce24a
--- /dev/null
+++ b/roles/acmetool_fix/README.md
@@ -0,0 +1,3 @@
+# acmetoo-fix
+
+Install the latest acmetool from http://ftp.de.debian.org/debian/pool/main/a/acmetool/acmetool_0.2.1-4_amd64.deb
diff --git a/roles/acmetool_fix/defaults/main.yml b/roles/acmetool_fix/defaults/main.yml
new file mode 100644
index 0000000..37c514d
--- /dev/null
+++ b/roles/acmetool_fix/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+acmetool_fix__deb: http://ftp.de.debian.org/debian/pool/main/a/acmetool/acmetool_0.2.1-4_amd64.deb
diff --git a/roles/acmetool_fix/tasks/main.yml b/roles/acmetool_fix/tasks/main.yml
new file mode 100644
index 0000000..c78e128
--- /dev/null
+++ b/roles/acmetool_fix/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+- name: install acmetool from fixed url
+  become: true
+  apt:
+    deb: "{{ acmetool_fix__deb }}"
diff --git a/site.yml b/site.yml
index d985853..fbd8bf8 100644
--- a/site.yml
+++ b/site.yml
@@ -19,5 +19,6 @@
   hosts: web
   roles:
     - { role: webhost2, tags: [web,webhost]}
+    - { role: acmetool_fix, tags: [web,acmetool]}
     - { role: acmetool2, tags: [web,acmetool]}
     - { role: nginx2, tags: [web,nginx]}
diff --git a/templates/files/nginx/sites/c3woc.org_tls.conf b/templates/files/nginx/sites/c3woc.org_tls.conf
new file mode 100644
index 0000000..91fbb84
--- /dev/null
+++ b/templates/files/nginx/sites/c3woc.org_tls.conf
@@ -0,0 +1,22 @@
+server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+
+        server_name c3woc.org;
+
+        include snippets/tls_parameters_{{ site.name }}.snippet.conf;
+        include snippets/tls_certificate_{{ site.name }}.snippet.conf;
+        include snippets/logging_{{ site.name }}.snippet.conf;
+
+        root /srv/www/files.chvoc.ch;
+
+        location / {
+                try_files $uri $uri/ =404;
+        }
+
+        location /files/foobarach1xa/ {
+                autoindex on;
+                autoindex_exact_size off;
+                autoindex_localtime on;
+        }
+}