From 2f77c2f0d1faec9b4af9e5b8445b5a287d966aeb Mon Sep 17 00:00:00 2001
From: Mitch Riedstra <mitch@riedstra.us>
Date: Sun, 4 Oct 2020 23:21:41 -0400
Subject: Initial work in progress

---
 defaults/main.yml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 defaults/main.yml

(limited to 'defaults')

diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..3b276af
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,32 @@
+---
+
+# acmesh_email: bob@exmaple.com
+
+# Delegate DNS to this domain for example.com by setting
+# _acme-challenge IN CNAME letsencrypt-delegate.example.com.
+# or so. It does not even have to be at the same domain.
+# acmesh_delegation_domain: letsencrypt-delegate.example.com
+
+# acmesh_domains:
+#   - example.com
+
+# You'll want to put this into vault
+acmesh_env: |
+  export AWS_DEFAULT_REGION=us-east-2
+  export AWS_SECRET_ACCESS_KEY=<changeme>
+  export AWS_ACCESS_KEY_ID=<changeme>
+
+# Set to an empty string to request from the production server, otherwise
+# your certificates will be technically correct but invalid
+acmesh_flags: --staging
+
+acmesh_user:
+  name: acme
+  home: /var/acme
+  shell: /sbin/nologin
+  system: 'yes'
+
+acmesh_dest: '{{acmesh_user.home}}/install'
+acmesh_commit: f2d350002e7c387fad9777a42cf9befe34996c35
+acmesh_url: https://github.com/acmesh-official/acme.sh/archive/{{acmesh_commit}}.tar.gz
+acmesh_checksum: sha256:a4e0cb73748eedf5029dd082a61eb7e35767f36356f2dfb18233ee4eb4f757cf
-- 
cgit v1.2.3