diff --git a/defaults/main.yml b/defaults/main.yml index 5e204e0..5407b58 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -2,3 +2,4 @@ # Default values for variables of the role # variable_name: value letsencrypt_account_email: certs@example.org +domain: example.org diff --git a/tasks/configure_prometheus_exporters_certificates.yml b/tasks/configure_prometheus_exporters_certificates.yml index 0a9e8d8..743195a 100644 --- a/tasks/configure_prometheus_exporters_certificates.yml +++ b/tasks/configure_prometheus_exporters_certificates.yml @@ -23,11 +23,11 @@ state: stopped - name: Request certificate for node-metrics - shell: "certbot certonly --agree-tos --email {{ letsencrypt_account_email }} --standalone -n -d node-metrics-{{ ansible_fqdn }}" + shell: "certbot certonly --agree-tos --email {{ letsencrypt_account_email }} --standalone -n -d node-metrics-{{ inventory_hostname }}.{{ domain }}" args: - creates: "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/fullchain.pem" + creates: "/etc/letsencrypt/live/node-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" - name: Request certificate for postfix-metrics - shell: "certbot certonly --agree-tos --email {{ letsencrypt_account_email }} --standalone -n -d postfix-metrics-{{ ansible_fqdn }}" + shell: "certbot certonly --agree-tos --email {{ letsencrypt_account_email }} --standalone -n -d postfix-metrics-{{ inventory_hostname }}.{{ domain }}" args: - creates: "/etc/letsencrypt/live/postfix-metrics-{{ ansible_fqdn }}/fullchain.pem" + creates: "/etc/letsencrypt/live/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" diff --git a/tasks/configure_prometheus_exporters_external.yml b/tasks/configure_prometheus_exporters_external.yml index 4584e76..ddced71 100644 --- a/tasks/configure_prometheus_exporters_external.yml +++ b/tasks/configure_prometheus_exporters_external.yml 
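Review bot: The new default `domain` in defaults/main.yml is an un-prefixed variable name, and role defaults have the lowest precedence in Ansible's shared variable namespace. Any other `domain` defined in inventory, group_vars or another role would silently change which names certbot requests and Apache serves. A role-prefixed name would avoid that, with a comment above it such as `# Base DNS domain appended to inventory_hostname to build the metrics vhost names; override per inventory`. With the placeholder left in place a host would request a certificate under example.org, so failing early when the value has not been overridden may be safer.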
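Review bot: Both certbot tasks in this hunk still run through `shell:` with `inventory_hostname` and `domain` interpolated unquoted, so whitespace or a shell metacharacter in either value is interpreted by the shell on the managed host. Nothing in the command line uses shell features, so changing `shell:` to `command:` (the `creates:` argument works the same way) removes the shell from the path. If `shell:` has to stay, pass the whole name through the quote filter, e.g. `-d {{ ('node-metrics-' ~ inventory_hostname ~ '.' ~ domain) | quote }}`. The task ending in `state: stopped` begins above this hunk.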
@@ -16,13 +16,13 @@ - name: Ensure the document root exists for node exporter file: - path: "/var/www/node-metrics-{{ ansible_fqdn }}/" + path: "/var/www/node-metrics-{{ inventory_hostname }}.{{ domain }}/" state: directory owner: www-data - name: Ensure the document root exists postfixnode exporter file: - path: "/var/www/postfix-metrics-{{ ansible_fqdn }}/" + path: "/var/www/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/" state: directory owner: www-data @@ -30,12 +30,12 @@ - name: Check if certificates exist stat: - path: "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/fullchain.pem" + path: "/etc/letsencrypt/live/node-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" register: node_certificate - name: Check if postfix certificates exist stat: - path: "/etc/letsencrypt/live/postfix-metrics-{{ ansible_fqdn }}/fullchain.pem" + path: "/etc/letsencrypt/live/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" register: postfix_certificate - name: Request certificates for node and postfix diff --git a/templates/apache2.conf.j2 b/templates/apache2.conf.j2 index 29ec88c..3c9b484 100644 --- a/templates/apache2.conf.j2 +++ b/templates/apache2.conf.j2 
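Review bot: The name `node-metrics-{{ inventory_hostname }}.{{ domain }}` and its postfix-metrics twin are written out in both document-root paths here and in both `stat` paths in the next hunk. They are also repeated in the certbot tasks and throughout the Apache template. The certificate lineage directory, the document root and `ServerName` have to agree exactly, so defining each name once and referencing it everywhere would stop a later rename from leaving one path behind, for example `node_metrics_fqdn: "node-metrics-{{ inventory_hostname }}.{{ domain }}"`. Hosts already provisioned under the old `ansible_fqdn` names presumably keep their old directories and certificates, which deserves a comment or a cleanup task.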
@@ -1,36 +1,36 @@ - ServerName node-metrics-{{ ansible_fqdn }} - DocumentRoot "/var/www/node-metrics-{{ ansible_fqdn }}/" - + ServerName node-metrics-{{ inventory_hostname }}.{{ domain }} + DocumentRoot "/var/www/node-metrics-{{ inventory_hostname }}.{{ domain }}/" + Options Indexes FollowSymLinks MultiViews AllowOverride None Require all granted - ErrorLog "/var/log/apache2/node-metrics-{{ ansible_fqdn }}_insecure_error.log" + ErrorLog "/var/log/apache2/node-metrics-{{ inventory_hostname }}.{{ domain }}_insecure_error.log" ServerSignature Off - CustomLog "/var/log/apache2/node-metrics-{{ ansible_fqdn }}_insecure_access.log" combined - Redirect permanent / https://node-metrics-{{ ansible_fqdn }}/ + CustomLog "/var/log/apache2/node-metrics-{{ inventory_hostname }}.{{ domain }}_insecure_access.log" combined + Redirect permanent / https://node-metrics-{{ inventory_hostname }}.{{ domain }}/ - ServerName node-metrics-{{ ansible_fqdn }} + ServerName node-metrics-{{ inventory_hostname }}.{{ domain }} ServerAdmin webmaster@susurrando.com - DocumentRoot "/var/www/node-metrics-{{ ansible_fqdn }}/" - + DocumentRoot "/var/www/node-metrics-{{ inventory_hostname }}.{{ domain }}/" + Options -Indexes +FollowSymLinks AllowOverride None Require all granted - ErrorLog "/var/log/apache2/node-metrics-{{ ansible_fqdn }}_ssl_error_ssl.log" + ErrorLog "/var/log/apache2/node-metrics-{{ inventory_hostname }}.{{ domain }}_ssl_error_ssl.log" ServerSignature Off - CustomLog "/var/log/apache2/node-metrics-{{ ansible_fqdn }}_ssl_access_ssl.log" combined + CustomLog "/var/log/apache2/node-metrics-{{ inventory_hostname }}.{{ domain }}_ssl_access_ssl.log" combined ErrorDocument 404 /notfound.php ErrorDocument 500 /error500.php ErrorDocument 503 /error503.php RewriteEngine On SSLEngine on - SSLCertificateFile "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/fullchain.pem" - SSLCertificateKeyFile "/etc/letsencrypt/live/node-metrics-{{ ansible_fqdn }}/privkey.pem" + SSLCertificateFile 
"/etc/letsencrypt/live/node-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" + SSLCertificateKeyFile "/etc/letsencrypt/live/node-metrics-{{ inventory_hostname }}.{{ domain }}/privkey.pem" SSLProtocol all -SSLv3 -SSLv2 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA DefineExternalAuth mysqlauth pipe /usr/local/bin/mysql-auth.pl 
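Review bot: `ServerName`, the redirect target, the log names and the certificate paths are now built from `inventory_hostname`, which is the label the inventory uses for the host rather than a fact gathered from it, and nothing visible checks its shape. If an inventory entry is already a fully qualified name, an alias or an IP address, the rendered virtual-host name and the name certbot is asked for will not be the intended one. `inventory_hostname_short` covers the fully-qualified case, and a preflight `assert` that `inventory_hostname` and `domain` are plain DNS names would catch the rest before Apache is reconfigured. The same applies to the postfix-metrics virtual hosts in the following hunk. The SSL virtual host appears to continue past the end of this hunk.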
@@ -40,38 +40,38 @@ - ServerName postfix-metrics-{{ ansible_fqdn }} - DocumentRoot "/var/www/postfix-metrics-{{ ansible_fqdn }}/" - + ServerName postfix-metrics-{{ inventory_hostname }}.{{ domain }} + DocumentRoot "/var/www/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/" + Options Indexes FollowSymLinks MultiViews AllowOverride None Require all granted - ErrorLog "/var/log/apache2/postfix-metrics-{{ ansible_fqdn }}_insecure_error.log" + ErrorLog "/var/log/apache2/postfix-metrics-{{ inventory_hostname }}.{{ domain }}_insecure_error.log" ServerSignature Off - CustomLog "/var/log/apache2/postfix-metrics-{{ ansible_fqdn }}_insecure_access.log" combined - Redirect permanent / https://postfix-metrics-{{ ansible_fqdn }}/ + CustomLog "/var/log/apache2/postfix-metrics-{{ inventory_hostname }}.{{ domain }}_insecure_access.log" combined + Redirect permanent / https://postfix-metrics-{{ inventory_hostname }}.{{ domain }}/ - ServerName postfix-metrics-{{ ansible_fqdn }} + ServerName postfix-metrics-{{ inventory_hostname }}.{{ domain }} ServerAdmin webmaster@susurrando.com - DocumentRoot "/var/www/postfix-metrics-{{ ansible_fqdn }}/" - + DocumentRoot "/var/www/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/" + Options -Indexes +FollowSymLinks AllowOverride None Require all granted - ErrorLog "/var/log/apache2/postfix-metrics-{{ ansible_fqdn }}_ssl_error_ssl.log" + ErrorLog "/var/log/apache2/postfix-metrics-{{ inventory_hostname }}.{{ domain }}_ssl_error_ssl.log" ServerSignature Off - CustomLog "/var/log/apache2/postfix-metrics-{{ ansible_fqdn }}_ssl_access_ssl.log" combined + CustomLog "/var/log/apache2/postfix-metrics-{{ inventory_hostname }}.{{ domain }}_ssl_access_ssl.log" combined ErrorDocument 404 /notfound.php ErrorDocument 500 /error500.php ErrorDocument 503 /error503.php RewriteEngine On SSLEngine on - SSLCertificateFile "/etc/letsencrypt/live/postfix-metrics-{{ ansible_fqdn }}/fullchain.pem" - SSLCertificateKeyFile 
"/etc/letsencrypt/live/postfix-metrics-{{ ansible_fqdn }}/privkey.pem" + SSLCertificateFile "/etc/letsencrypt/live/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/fullchain.pem" + SSLCertificateKeyFile "/etc/letsencrypt/live/postfix-metrics-{{ inventory_hostname }}.{{ domain }}/privkey.pem" SSLProtocol all -SSLv3 -SSLv2 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA DefineExternalAuth mysqlauth pipe /usr/local/bin/mysql-auth.pl