From 7918d779c2c6dfd10d7bd701585fca1f1901972d Mon Sep 17 00:00:00 2001 From: Blallo Date: Thu, 28 May 2020 10:12:08 +0200 Subject: [PATCH] Change how TLS is disabled, add custom origin --- tasks/main.yml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 417cfe0..1e0cb9b 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -7,14 +7,21 @@ state: present loop: "{{ cockpit_packages }}" -- name: disable cockpit internal TLS +- name: disable cockpit selfsigned TLS ini_file: - dest: "/usr/lib/systemd/system/cockpit.service" - section: "Service" - option: "ExecStart" - value: "/usr/libexec/cockpit-ws --no-tls" + dest: "/etc/cockpit/cockpit.conf" + section: "WebService" + option: "AllowUnencrypted" + value: "true" + register: systemd + +- name: add cockpit origin + ini_file: + dest: "/etc/cockpit/cockpit.conf" + section: "WebService" + option: "Origins" + value: "https://{{ ansible_hostname }}.cockpit.troubles.io" register: systemd - when: cockpit_disable_tls - name: change default listen port blockinfile: