mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2024-12-25 18:38:30 +01:00
73af8f7bbb
By default, `--tags=self-check` no longer validates certificates when `matrix_ssl_retrieval_method` is set to `self-signed`. Besides this default, people can also enable/disable validation using the individual role variables manually. Fixes #124 (Github Issue)
31 lines
1.0 KiB
YAML
31 lines
1.0 KiB
YAML
---
|
|
|
|
- name: Determine well-known files to check (Matrix)
|
|
set_fact:
|
|
well_known_file_checks:
|
|
- path: /.well-known/matrix/client
|
|
purpose: Client Discovery
|
|
cors: true
|
|
follow_redirects: false
|
|
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
|
|
|
|
- block:
|
|
- set_fact:
|
|
well_known_file_check_matrix_server:
|
|
path: /.well-known/matrix/server
|
|
purpose: Server Discovery
|
|
cors: false
|
|
follow_redirects: true
|
|
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
|
|
|
|
- name: Determine domains that we require certificates for (mxisd)
|
|
set_fact:
|
|
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
|
|
when: "matrix_well_known_matrix_server_enabled"
|
|
|
|
- name: Perform well-known checks
|
|
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
|
|
with_items: "{{ well_known_file_checks }}"
|
|
loop_control:
|
|
loop_var: well_known_file_check
|