From 3cd364f71c51c00e5d68af211ffa94e0ee28311e Mon Sep 17 00:00:00 2001
From: Jan Philipp Timme <jan.philipp@timme.it>
Date: Mon, 12 Oct 2020 12:03:11 +0200
Subject: [PATCH] Fix path to certificates

---
 postgrest/tpl/nginx.conf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/postgrest/tpl/nginx.conf b/postgrest/tpl/nginx.conf
index 98ca22f..506e8fb 100644
--- a/postgrest/tpl/nginx.conf
+++ b/postgrest/tpl/nginx.conf
@@ -37,14 +37,14 @@ server {
     ssl_session_timeout         5m;
 
     ssl                         on;
-    ssl_certificate             /root/certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.pem;
-    ssl_certificate_key         /root/certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.key;
+    ssl_certificate             /etc/hsh-certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.pem;
+    ssl_certificate_key         /etc/hsh-certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.key;
 
     # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
-    ssl_dhparam                 /root/certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.dhparam.pem;
+    ssl_dhparam                 /etc/hsh-certs/{{ nginx_conf.get('ssl_cert_name', instance_name) }}.dhparam.pem;
     {% if nginx_conf.client_ca is defined %}
     ssl_verify_client           on;
-    ssl_client_certificate      /root/certs/{{ nginx_conf.get('ssl_cert_name'), instance_name }}
+    ssl_client_certificate      /etc/hsh-certs/{{ nginx_conf.get('ssl_cert_name'), instance_name }}
     {% endif %}
 
     ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
-- 
GitLab