1
0
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git synced 2024-12-12 08:43:55 +02:00
matrix-docker-ansible-deploy/roles/matrix-nginx-proxy/tasks/self_check_well_known.yml
Slavi Pantaleev 73af8f7bbb Make self-check not validate self-signed certificates
By default, `--tags=self-check` no longer validates certificates
when `matrix_ssl_retrieval_method` is set to `self-signed`.

Besides this default, people can also enable/disable validation using the
individual role variables manually.

Fixes #124 (Github Issue)
2019-03-22 09:41:08 +02:00

31 lines
1.0 KiB
YAML

---
- name: Determine well-known files to check (Matrix)
set_fact:
well_known_file_checks:
- path: /.well-known/matrix/client
purpose: Client Discovery
cors: true
follow_redirects: false
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
- block:
- set_fact:
well_known_file_check_matrix_server:
path: /.well-known/matrix/server
purpose: Server Discovery
cors: false
follow_redirects: true
validate_certs: "{{ matrix_nginx_proxy_self_check_validate_certificates }}"
- name: Determine domains that we require certificates for (mxisd)
set_fact:
well_known_file_checks: "{{ well_known_file_checks + [well_known_file_check_matrix_server] }}"
when: "matrix_well_known_matrix_server_enabled"
- name: Perform well-known checks
include_tasks: "{{ role_path }}/tasks/self_check_well_known_file.yml"
with_items: "{{ well_known_file_checks }}"
loop_control:
loop_var: well_known_file_check