From ea2e31cd27ee0f75ee90db9332946d1c0f8a1e14 Mon Sep 17 00:00:00 2001
From: friedrich goerz <friedrich.goerz@netgo.de>
Date: Fri, 8 Apr 2022 15:38:17 +0200
Subject: [PATCH] DEV-383: fixing bug

---
 roles/gitea/vars/main.yml  | 1 +
 roles/maria/tasks/main.yml | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/roles/gitea/vars/main.yml b/roles/gitea/vars/main.yml
index 39eda2e..03ab096 100644
--- a/roles/gitea/vars/main.yml
+++ b/roles/gitea/vars/main.yml
@@ -31,6 +31,7 @@ gitea_environment: [
   "GITEA__database__NAME: \"{{ gitea_postgres_database }}\"",
   "GITEA__database__USER: \"{{ gitea_postgres_database }}\"",
   "GITEA__database__PASSWD: \"{{ gitea_postgres_password }}\"",
+  "GITEA__database__SSL_MODE: \"require\"",
 
   "GITEA__server__DOMAIN: \"{{ stage_server_domain }}\"",
   "GITEA__server__SSH_DOMAIN: \"{{ stage_server_domain }}\"",
diff --git a/roles/maria/tasks/main.yml b/roles/maria/tasks/main.yml
index db3ec1f..384f97e 100644
--- a/roles/maria/tasks/main.yml
+++ b/roles/maria/tasks/main.yml
@@ -30,12 +30,14 @@
     tasks_from: _create_cert
   vars:
     selfsigned_ca_cert_private_key: '{{ cert_private_key }}'
+    selfsigned_ca_cert_private_key_group: mysql
     selfsigned_ca_cert_public_key: '{{ cert_public_key }}'
     selfsigned_ca_cacert: '{{ ca_cert }}'
     selfsigned_ca_cert_subject:
       CN: '{{ inventory_hostname }}.{{ domain }}'
     selfsigned_ca_cert_altnames:
       - 'DNS:{{ inventory_hostname }}.{{ domain }}'
+      - 'DNS:{{ inventory_hostname }}'
     selfsigned_ca_trigger_handler: restart mysql
  
 - name: Fix binding..