-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.yml
83 lines (72 loc) · 2.57 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
---
# Main directory for certificates and lego
lets_encrypt_directory_path: "/etc/ssl"
lets_encrypt_lego_archive_http_path: "https://github.com/go-acme/lego/releases/download/v4.6.0/lego_v4.6.0_linux_amd64.tar.gz"
#lets_encrypt_resource_name: "lego_resource_key"
lets_encrypt_account_email: "[email protected]"
# number of days before expiry the renewal will be performed
lets_encrypt_renew_limit: 30
# links the certificate to system CA folder,
# to allow localhost connections when staging certs are used.
# DO NOT USE ON PRODUCTION
lets_encrypt_install_as_trusted: false
# additional env vars for lego calls,
# e.g. to provide auth credentials for DNS solvers
lets_encrypt_additional_env: ""
#
# Optional cron expression variables
#
# If not set cronjob will run as : "0 11 * * *"
#lets_encrypt_cron_minute: 0
#lets_encrypt_cron_hour: 11
#lets_encrypt_cron_weekday: 5
##
# Challenge Server (live or dev/staging)
# Dev and staging environments should be configured to use the
# staging challenge server to avoid blocks to many recent requests
#
# Live:
#lets_encrypt_server: "https://acme-v02.api.letsencrypt.org/directory"
# Staging:
#lets_encrypt_server: "https://acme-staging-v02.api.letsencrypt.org/directory"
##
# Resource defaults, ie values applied to all certificates if per item values are present
#
#lets_encrypt_common_name: "somedomain.sitewards.net"
#lets_encrypt_csr_country_name: "DE"
#lets_encrypt_csr_locality_name: "Hesse"
#lets_encrypt_csr_organization_name: "Sitewards GmbH"
#lets_encrypt_csr_organizational_unit_name: "Engineering"
#lets_encrypt_csr_email_address: "[email protected]"
##
# List of resources requiring lets encrypt certificates
#
# Full list of supported dns providers:
# https://go-acme.github.io/lego/dns/
#
# Example:
# lets_encrypt_resources:
# - common_name: "somedomain1.sitewards.net"
# challenge: "dns"
# provider: "route53"
# preferred_chain: "ISRG Root X1"
# alt_names:
# - "somedomain1.sitewards.net"
# - "www.somedomain1.sitewards.net"
# - common_name: "somedomain2.sitewards.net"
# challenge: "http"
# webroot: "/var/www/html/somedomain2"
# alt_names:
# - "somedomain2.sitewards.net"
# - "www.somedomain2.sitewards.net"
# - common_name: "somedomain3.sitewards.net"
# challenge: "http"
# webroot: "/var/www/html/somedomain3"
# country_name: "DE"
# locality_name: "Hesse"
# organization_name: "Sitewards GmbH"
# organizational_unit_name: "Engineering"
# email: "[email protected]"
# alt_names:
# - "somedomain3.sitewards.net"
# - "www.somedomain3.sitewards.net"