From f87d370c068c1bbe77237f76f98069f616f07bc7 Mon Sep 17 00:00:00 2001
From: jurgenhaas <juergen@paragon-es.de>
Date: Fri, 28 Dec 2018 09:59:20 +0100
Subject: [PATCH] Further improve letsencrypt to run without stopping apache
 server while it's running

---
 tasks/apache.yml                                          | 1 +
 templates/etc-apache2-conf-available-letsencrypt-redirect | 3 ---
 templates/etc-apache2-conf-available-redirect-ssl         | 3 +++
 3 files changed, 4 insertions(+), 3 deletions(-)
 create mode 100644 templates/etc-apache2-conf-available-redirect-ssl

diff --git a/tasks/apache.yml b/tasks/apache.yml
index 5f2319e..147224e 100644
--- a/tasks/apache.yml
+++ b/tasks/apache.yml
@@ -48,6 +48,7 @@
     - 'global-redirect'
     - 'global-deny'
     - 'letsencrypt-redirect'
+    - 'redirect-ssl'
     - 'other-vhosts-access-log'
   notify:
     - "Apache | Restart Apache"
diff --git a/templates/etc-apache2-conf-available-letsencrypt-redirect b/templates/etc-apache2-conf-available-letsencrypt-redirect
index b6c4871..7ec45f1 100644
--- a/templates/etc-apache2-conf-available-letsencrypt-redirect
+++ b/templates/etc-apache2-conf-available-letsencrypt-redirect
@@ -1,6 +1,3 @@
-RewriteEngine on
-RewriteCond %{REQUEST_URI} !/.well-known/acme-challenge/*
-RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
 ProxyPass /.well-known/acme-challenge !
 Alias /.well-known/acme-challenge /var/www/html/.well-known/acme-challenge
 <Directory "/var/www/html/.well-known/acme-challenge">
diff --git a/templates/etc-apache2-conf-available-redirect-ssl b/templates/etc-apache2-conf-available-redirect-ssl
new file mode 100644
index 0000000..bab03b9
--- /dev/null
+++ b/templates/etc-apache2-conf-available-redirect-ssl
@@ -0,0 +1,3 @@
+RewriteEngine on
+RewriteCond %{REQUEST_URI} !/.well-known/acme-challenge/*
+RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
-- 
GitLab