blob: 73eb740d5617b6ab104f1e7260a070dbfde9fb56 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
---
# acmesh_email: bob@exmaple.com
# Delegate DNS to this domain for example.com by setting
# _acme-challenge IN CNAME letsencrypt-delegate.example.com.
# or so. It does not even have to be at the same domain.
# acmesh_delegation_domain: letsencrypt-delegate.example.com
# acmesh_domains:
# - example.com
# You'll want to put this into vault
acmesh_env: |
export AWS_DEFAULT_REGION=us-east-2
export AWS_SECRET_ACCESS_KEY=<changeme>
export AWS_ACCESS_KEY_ID=<changeme>
# Set to an empty string to request from the production server, otherwise
# your certificates will be technically correct but invalid
acmesh_flags: --staging
# Set to 1 to force a renewal, you might want to set it back to 0 when done.
# automatically adds a --force flag
acmesh_force: '0'
acmesh_user:
name: acme
home: /var/acme
shell: /sbin/nologin
system: 'yes'
acmesh_dest: '{{acmesh_user.home}}/install'
acmesh_commit: 37cf431e8029e47d85db74e7608183c6eb9e57c9
acmesh_url: https://github.com/acmesh-official/acme.sh/archive/{{acmesh_commit}}.tar.gz
acmesh_checksum: sha256:0c6ee5ff16c516ace9d398658e33d810d5b970a214d34db81c06ab94b8936add
|
