blob: a537feeda62e265ae65177d22197769e6da0c180 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
---
# acmesh_email: bob@exmaple.com
# Delegate DNS to this domain for example.com by setting
# _acme-challenge IN CNAME letsencrypt-delegate.example.com.
# or so. It does not even have to be at the same domain.
# acmesh_delegation_domain: letsencrypt-delegate.example.com
# acmesh_domains:
# - example.com
# You'll want to put this into vault
acmesh_env: |
export AWS_DEFAULT_REGION=us-east-2
export AWS_SECRET_ACCESS_KEY=<changeme>
export AWS_ACCESS_KEY_ID=<changeme>
# Set to an empty string to request from the production server, otherwise
# your certificates will be technically correct but invalid
acmesh_flags: --staging
# Set to 1 to force a renewal, you might want to set it back to 0 when done.
# automatically adds a --force flag
acmesh_force: '0'
acmesh_user:
name: acme
home: /var/acme
shell: /sbin/nologin
system: 'yes'
acmesh_dest: '{{acmesh_user.home}}/install'
acmesh_commit: 44615c6fa2115a2010a87ed575699ec8f8a746e8
acmesh_url: https://github.com/acmesh-official/acme.sh/archive/{{acmesh_commit}}.tar.gz
acmesh_checksum: sha256:3ae52bf59e21d2acbd060725c98279617da7aad2acc00131deb777dfce25a307
|
