Merge pull request #135 from lerminou/master

TLS parameter are not taken into account during deploy

defaults/main.yml

@@ -37,7 +37,7 @@ graylog_http_enable_gzip:             True
 graylog_http_enable_tls:              False
 graylog_http_tls_cert_file:           "/path/to/graylog.crt"
 graylog_http_tls_key_file:            "/path/to/graylog.key"
-graylog_http_tls_key_password:        "secret"
+graylog_http_tls_key_password:        ""
 graylog_http_max_header_size:         8192
 graylog_http_max_initial_line_length: 4096
 graylog_http_thread_pool_size:        16

templates/graylog.server.conf.j2

@@ -164,13 +164,27 @@ http_thread_pool_size = {{ graylog_http_thread_pool_size }}
 http_enable_tls = {{ graylog_http_enable_tls }}
 
 # The X.509 certificate chain file in PEM format to use for securing the HTTP interface.
-# http_tls_cert_file = {{ graylog_http_tls_cert_file }}
+{% if graylog_http_enable_tls %}
+http_tls_cert_file = {{ graylog_http_tls_cert_file }}
+{% else %}
+#http_tls_cert_file = {{ graylog_http_tls_cert_file }}
+{% endif %}
+
 
 # The PKCS#8 private key file in PEM format to use for securing the HTTP interface.
+{% if graylog_http_enable_tls %}
+http_tls_key_file = {{ graylog_http_tls_key_file }}
+{% else %}
 #http_tls_key_file = {{ graylog_http_tls_key_file }}
+{% endif %}
+
 
 # The password to unlock the private key used for securing the HTTP interface.
+{% if graylog_http_enable_tls and graylog_http_tls_key_password != "" %}
+http_tls_key_password = {{ graylog_http_tls_key_password }}
+{% else %}
 #http_tls_key_password = {{ graylog_http_tls_key_password }}
+{% endif %}
 
 
 # Comma separated list of trusted proxies that are allowed to set the client address with X-Forwarded-For
@@ -644,4 +658,4 @@ proxied_requests_thread_pool_size = {{ graylog_proxied_requests_thread_pool_size
 
 {% for key, value in graylog_additional_config.items() %}
 {{ key }} = {{ value }}
-{% endfor %}
+{% endfor %}