From aa2710ec320b5744405c26d216db039a57dc4c0e Mon Sep 17 00:00:00 2001 From: binary Date: Sat, 23 Jan 2021 12:30:17 +0100 Subject: Bare init for acme certificates generation --- roles/acme/templates/acme-client.conf.j2 | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 roles/acme/templates/acme-client.conf.j2 (limited to 'roles/acme/templates/acme-client.conf.j2') diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2 new file mode 100644 index 0000000..40a284a --- /dev/null +++ b/roles/acme/templates/acme-client.conf.j2 @@ -0,0 +1,20 @@ +# +# $OpenBSD: acme-client.conf,v 1.4 2020/09/17 09:13:06 florian Exp $ +# +# managed by Ansible + +authority letsencrypt { + api url "https://acme-v02.api.letsencrypt.org/directory" + account key "/etc/acme/letsencrypt-privkey.pem" +} + +authority letsencrypt-staging { + api url "https://acme-staging-v02.api.letsencrypt.org/directory" + account key "/etc/acme/letsencrypt-staging-privkey.pem" +} + +domain {{ global.domain_name }} { + domain key "/etc/ssl/private/{{ global.domain_name }}.key" + domain full chain certificate "/etc/ssl/{{ global.domain_name }}.fullchain.pem" + sign with letsencrypt +} -- cgit v1.2.3