summaryrefslogtreecommitdiffstats
path: root/theos
diff options
context:
space:
mode:
authorJohannes Löthberg <johannes@kyriasis.com>2019-07-29 21:17:54 +0200
committerJohannes Löthberg <johannes@kyriasis.com>2019-07-29 21:17:54 +0200
commit53af9a2e061558cc129e666985ebea1683506481 (patch)
treec36c30ac23a0def97765d5892fb44d26ccfb8271 /theos
parent590dc8d623e1077f77ec6847110e285750f60b4f (diff)
downloadfile-53af9a2e061558cc129e666985ebea1683506481.tar.xz
Matrix should use server_name cert
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Diffstat (limited to 'theos')
-rw-r--r--theos/certs/init.sls1
-rw-r--r--theos/certs/kyriasis_com.sls14
-rw-r--r--theos/certs/matrix_kyriasis_com.sls30
3 files changed, 14 insertions, 31 deletions
diff --git a/theos/certs/init.sls b/theos/certs/init.sls
index 211392c..af7542b 100644
--- a/theos/certs/init.sls
+++ b/theos/certs/init.sls
@@ -3,7 +3,6 @@ include:
- .theos_kyriasis_com
- .xan_kyriasis_com
- .git_kyriasis_com
- - .matrix_kyriasis_com
- .riot_kyriasis_com
- .taskd_kyriasis_com
- .miniflux_kyriasis_com
diff --git a/theos/certs/kyriasis_com.sls b/theos/certs/kyriasis_com.sls
index 6ce0fe9..68bb7ab 100644
--- a/theos/certs/kyriasis_com.sls
+++ b/theos/certs/kyriasis_com.sls
@@ -13,4 +13,18 @@ kyriasis.com:
- require_in:
- service: nginx_service
+/etc/synapse/ssl/fullchain.pem:
+ file.managed:
+ - source: /etc/letsencrypt/live/kyriasis.com/fullchain.pem
+ - user: synapse
+ - group: synapse
+ - mode: 600
+
+/etc/synapse/ssl/privkey.pem:
+ file.managed:
+ - source: /etc/letsencrypt/live/kyriasis.com/privkey.pem
+ - user: synapse
+ - group: synapse
+ - mode: 600
+
# vim: set ft=yaml et:
diff --git a/theos/certs/matrix_kyriasis_com.sls b/theos/certs/matrix_kyriasis_com.sls
deleted file mode 100644
index e908883..0000000
--- a/theos/certs/matrix_kyriasis_com.sls
+++ /dev/null
@@ -1,30 +0,0 @@
-include:
- - nginx
-
-matrix.kyriasis.com:
- acme.cert:
- - email: johannes@kyriasis.com
- - webroot: /srv/http/
- - keysize: 4096
- - renew: 30
-
- - watch_in:
- - service: nginx_service
- - require_in:
- - service: nginx_service
-
-/etc/synapse/ssl/fullchain.pem:
- file.managed:
- - source: /etc/letsencrypt/live/matrix.kyriasis.com/fullchain.pem
- - user: synapse
- - group: synapse
- - mode: 600
-
-/etc/synapse/ssl/privkey.pem:
- file.managed:
- - source: /etc/letsencrypt/live/matrix.kyriasis.com/privkey.pem
- - user: synapse
- - group: synapse
- - mode: 600
-
-# vim: set ft=yaml et: