Closed ghost closed 4 years ago
it's possible to generate one on the fly, but it's kinda slow (on my machine at least), so i'm not sure if we should do that by default
the only way i can get this to work is by installing nginx first. Once it's installed, then i have the right permissions to load the ssl certs and ssl_dhparam file.
I forgot it was made on my other role that can combine : https://github.com/jdauphant/ansible-role-ssl-certs#example-to-use-this-role-with-my-nginx-role-jdauphantnginx
nginx currently only builds a 1024 bit dhparam file, but many guides recommend building and installing your own, such as this one: http://www.nginxtips.com/hardening-nginx-ssl-tsl-configuration/
Currently it's hard to install this from another role before or after this.