---

# acmesh_email: bob@exmaple.com

# Delegate DNS to this domain for example.com by setting
# _acme-challenge IN CNAME letsencrypt-delegate.example.com.
# or so. It does not even have to be at the same domain.
# acmesh_delegation_domain: letsencrypt-delegate.example.com

# acmesh_domains:
#   - example.com

# You'll want to put this into vault
acmesh_env: |
  export AWS_DEFAULT_REGION=us-east-2
  export AWS_SECRET_ACCESS_KEY=<changeme>
  export AWS_ACCESS_KEY_ID=<changeme>

# Set to an empty string to request from the production server, otherwise
# your certificates will be technically correct but invalid
acmesh_flags: --staging

# Set to 1 to force a renewal, you might want to set it back to 0 when done.
# automatically adds a --force flag
acmesh_force: '0'

acmesh_user:
  name: acme
  home: /var/acme
  shell: /sbin/nologin
  system: 'yes'

acmesh_dest: '{{acmesh_user.home}}/install'
acmesh_commit: 37cf431e8029e47d85db74e7608183c6eb9e57c9
acmesh_url: https://github.com/acmesh-official/acme.sh/archive/{{acmesh_commit}}.tar.gz
acmesh_checksum: sha256:0c6ee5ff16c516ace9d398658e33d810d5b970a214d34db81c06ab94b8936add