jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-07-26 15:55:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2021-12-01 19:13

Browse Source
This commit is contained in:
Daniel Berteaud
2021-12-01 19:13:34 +01:00
commit 4c4556c660
2153 changed files with 60999 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
roles/letsencrypt/defaults/main.yml Normal file
View File

@@ -0,0 +1,76 @@
---
# Set the API endpoint to use. Default is to use https://acme-v02.api.letsencrypt.org/directory
# letsencrypt_ca: https://acme-staging-v02.api.letsencrypt.org/directory
# letsencrypt_key_size: 4096
# letsencrypt_renew_days: 30
# Can be rsa, prime256v1 or secp384r1
# letsencrypt_key_algo: rsa
# letsencrypt_auto_renew: True
# letsencrypt_revoke_old_certs: False
#
letsencrypt_challenge: http
# If you want to use dns-01 challenges
# letsencrypt_challenge: dns
# letsencrypt_dns_provider: gandi
# letsencrypt_dns_provider_options: '--api-protocol=rest'
# letsencrypt_dns_auth_token: XXXX
# Specify a preferred chain of intermediate certs
# If not specified, it'll use the short ISRG Root X1 chain
# (not signed with the expired DST Root CA X3)
# The special value "default" means to omit the directive, and use the default
# dehydrated value
# letsencrypt_preferred_chain: default
#
letsencrypt_certs: []
# letsencrypt_certs:
# - common_name: www.domain.org
# alt_names:
# - www1.domain.org
# - m.domain.org
# - foo.domain.org
# - common_name: mail.domain.com
# - common_name: ldap.domain.com
# alt_names:
# - directory.domain.com
# config:
# CHALLENGETYPE: http-01
# RENEW_DAYS: 20
# KEYSIZE: 3072
letsencrypt_base_hooks:
clean_challenge: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
deploy_cert: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
deploy_challenge: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
exit_hook: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
generate_csr: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
invalid_challenge: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
request_failure: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
startup_hook: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
unchanged_cert: |
#!/bin/bash -e
# Managed by ansible, manual modifications will be lost
letsencrypt_extra_hooks: {}
letsencrypt_hooks: "{{ letsencrypt_base_hooks | combine(letsencrypt_extra_hooks, recursive=True) }}"
...