From e56713301b19c67480d84b55dd513575b50cfd42 Mon Sep 17 00:00:00 2001 From: Jonas Gunz Date: Tue, 20 Sep 2022 18:11:00 +0200 Subject: ACME for signed_certificate --- roles/signed_certificate/README.md | 35 ++++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 13 deletions(-) (limited to 'roles/signed_certificate/README.md') diff --git a/roles/signed_certificate/README.md b/roles/signed_certificate/README.md index b048295..b1fa10e 100644 --- a/roles/signed_certificate/README.md +++ b/roles/signed_certificate/README.md @@ -3,22 +3,31 @@ ## CA Settings ``` -signed_certificate: - issuer_cn: 'Tets CN' - renew_at: '+5d' - valid_for: '+30d' - privkey_path: '/tmp/ca.key' - privkey_passphrase: '1234' - cert_content: '{{ lookup('file', /tmp/cert.pem) }}' -``` - -## Certificate settings - -``` +--- cert_name: '{{ ansible_facts.fqdn }}' +common_name: '{{ ansible_facts.fqdn }}' key_path: '/etc/ssl/private/' cert_path: '/etc/ssl/certs/' alt_name: '{{ "DNS:" + ansible_facts.fqdn }}' owner: root -group: root +group: ssl-cert + +signed_certificate: + issuer_cn: '' + renew_at: '+5d' + valid_for: '+30d' + privkey_path: '/invalid' + privkey_passphrase: '' + cert_content: '' + +use_acme: false + +acme: + directory: https://acme-v01.api.letsencrypt.org/directory + renew_at: 10 + account_email: mail@example.com + account_key: 'INVALID' + gandi: + api_key: '' + domain: '' ``` -- cgit v1.2.3