Make self-check not validate self-signed certificates

By default, `--tags=self-check` no longer validates certificates when `matrix_ssl_retrieval_method` is set to `self-signed`. Besides this default, people can also enable/disable validation using the individual role variables manually. Fixes #124 (Github Issue)
2025-06-25 10:47:51 +02:00 · 2019-03-22 09:39:17 +02:00
parent 1939fc9113
commit 73af8f7bbb
11 changed files with 29 additions and 3 deletions
--- a/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml
+++ b/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml
@ -7,6 +7,7 @@
        purpose: Client Discovery
        cors: true
        follow_redirects: false
+        validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"

 - block:
    - set_fact:
@ -15,6 +16,7 @@
          purpose: Server Discovery
          cors: false
          follow_redirects: true
+          validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"

    - name: Determine domains that we require certificates for (mxisd)
      set_fact: