NGinx reverse proxy with SSL offloading and SNI support using Letsencrypt

What you need:

Debian Jessie host
Ansible
"Internet"
Brain

how to do it

Add your VHosts and Upstreams into the groupvars
Change the inventory to match your hosts IP address
ansible-playbook -K -i inventory nginx-offloading-letsencrypt.yml

what you get

A+ rating on ssllabs.com (DNS record is mandatory: https://blog.qualys.com/ssllabs/2017/03/13/caa-mandated-by-cabrowser-forum )
HTTP/2 support
IPv6 support
SNI -> SSL certificates without messy AltName attributes
HSTS enabled by default
optional websocket support

Name		Name	Last commit message	Last commit date
Latest commit History 33 Commits
group_vars		group_vars
roles/nginx-letsencrypt-reverseproxy		roles/nginx-letsencrypt-reverseproxy
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
inventory		inventory
nginx-offloading-letsencrypt.yml		nginx-offloading-letsencrypt.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

group_vars

group_vars

roles/nginx-letsencrypt-reverseproxy

roles/nginx-letsencrypt-reverseproxy

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

inventory

inventory

nginx-offloading-letsencrypt.yml

nginx-offloading-letsencrypt.yml

Repository files navigation

NGinx reverse proxy with SSL offloading and SNI support using Letsencrypt

What you need:

how to do it

what you get

About

Releases

Packages

Contributors 3

License

UnsignedLong/ansible-nginx-letsencrypt

Folders and files

Latest commit

History

Repository files navigation

NGinx reverse proxy with SSL offloading and SNI support using Letsencrypt

What you need:

how to do it

what you get

About

Resources

License

Stars

Watchers

Forks