diff options
author | Romain Gonçalves <me@rgoncalves.se> | 2021-12-11 18:50:33 +0000 |
---|---|---|
committer | Romain Gonçalves <me@rgoncalves.se> | 2021-12-11 18:50:33 +0000 |
commit | de3373e97d133e0ac76fb44deb5dea27c18d8815 (patch) | |
tree | 5b63b301ff180ef837ca6fb6a676e31cb87d326c /roles/acme/templates | |
parent | e60e99796111ee6d43080b4e48971c08886c0570 (diff) | |
download | rules-de3373e97d133e0ac76fb44deb5dea27c18d8815.tar.gz |
roles: Add pf and relayd roles for domain controller
Diffstat (limited to 'roles/acme/templates')
-rw-r--r-- | roles/acme/templates/acme-client.conf.j2 | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/roles/acme/templates/acme-client.conf.j2 b/roles/acme/templates/acme-client.conf.j2 new file mode 100644 index 0000000..3792009 --- /dev/null +++ b/roles/acme/templates/acme-client.conf.j2 @@ -0,0 +1,26 @@ +# managed by Ansible +{% import 'macros.j2' as macros with context %} + +authority letsencrypt { + api url "https://acme-v02.api.letsencrypt.org/directory" + account key "/etc/acme/letsencrypt-privkey.pem" +} + +domain {{ acme_domain_name }} { + alternative names { www.{{ acme_domain_name }} } + domain key "/etc/ssl/private/{{ acme_domain_name }}.key" + domain full chain certificate "/etc/ssl/{{ acme_domain_name }}.crt" + sign with letsencrypt +} + +{% call(h) macros.loop_valid_hosts("servers") -%} +{% for service in h.__services if service.domain is defined %} +domain {{ service.domain }}.{{ acme_domain_name }} { + {% set domain = service.domain ~ "." ~ acme_domain_name %} + alternative names { www.{{ domain }} } + domain key "/etc/ssl/private/{{ domain }}.key" + domain full chain certificate "/etc/ssl/{{ domain }}.crt" + sign with letsencrypt +} +{% endfor %} +{%- endcall %} |