X-Git-Url: https://gerrit.fd.io/r/gitweb?p=csit.git;a=blobdiff_plain;f=fdio.infra.terraform%2F1n_nmd%2Fnginx%2Fconf%2Fnomad%2Fnginx.hcl;h=1382060ba61d3e61f94c18e958ad97d9bded834a;hp=0775a498dac05a0fdd3b0fe43b79a4a38fe626c5;hb=d4f082106d3e8cfda1c0d52bcafb177b46562944;hpb=505d4afb63c83b6d2e39727dd0d47bc6c697954c

diff --git a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
index 0775a498da..1382060ba6 100644
--- a/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
+++ b/fdio.infra.terraform/1n_nmd/nginx/conf/nomad/nginx.hcl
@@ -132,8 +132,10 @@ job "${job_name}" {
         }
         privileged   = false
         volumes      = [
-          "/etc/consul.d/ssl/consul.pem:/etc/ssl/certs/nginx-cert.pem",
-          "/etc/consul.d/ssl/consul-key.pem:/etc/ssl/private/nginx-key.pem",
+          "/etc/ssl/certs/docs.nginx.service.consul.crt:/etc/ssl/certs/docs.nginx.service.consul.crt",
+          "/etc/ssl/private/docs.nginx.service.consul.key:/etc/ssl/private/docs.nginx.service.consul.key",
+          "/etc/ssl/certs/logs.nginx.service.consul.crt:/etc/ssl/certs/logs.nginx.service.consul.crt",
+          "/etc/ssl/private/logs.nginx.service.consul.key:/etc/ssl/private/logs.nginx.service.consul.key",
           "custom/upstream.conf:/etc/nginx/conf.d/upstream.conf",
           "custom/logs.conf:/etc/nginx/conf.d/logs.conf",
           "custom/docs.conf:/etc/nginx/conf.d/docs.conf"
@@ -170,8 +172,8 @@ job "${job_name}" {
             ssl_protocols TLSv1.2;
             ssl_prefer_server_ciphers on;
             ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
-            ssl_certificate /etc/ssl/certs/nginx-cert.pem;
-            ssl_certificate_key /etc/ssl/private/nginx-key.pem;
+            ssl_certificate /etc/ssl/certs/logs.nginx.service.consul.crt;
+            ssl_certificate_key /etc/ssl/private/logs.nginx.service.consul.key;
             location / {
               chunked_transfer_encoding off;
               proxy_connect_timeout 300;
@@ -229,8 +231,8 @@ job "${job_name}" {
             ssl_protocols TLSv1.2;
             ssl_prefer_server_ciphers on;
             ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
-            ssl_certificate /etc/ssl/certs/nginx-cert.pem;
-            ssl_certificate_key /etc/ssl/private/nginx-key.pem;
+            ssl_certificate /etc/ssl/certs/docs.nginx.service.consul.crt;
+            ssl_certificate_key /etc/ssl/private/docs.nginx.service.consul.key;
             location / {
               chunked_transfer_encoding off;
               proxy_connect_timeout 300;