roles/certbot: Set up Let's Encrypt certificates
The *certbot* role installs and configures the `certbot` ACME client. It adjusts the default configuration to allow the tool to run as an unprivileged user, and then configures Apache to work with the *webroot* plugin. It registers for an account and requests a certificate for the domains specified by the `certbot_domains` Ansible variable. Finally, it enables the *certbot-renew.timer* systemd unit to schedule automatic renewal of all Let's Encrypt certificates.
This commit is contained in:
9
roles/certbot/files/certbot.httpd.conf
Normal file
9
roles/certbot/files/certbot.httpd.conf
Normal file
@@ -0,0 +1,9 @@
|
||||
Alias /.well-known/acme-challenge /var/www/certbot/.well-known/acme-challenge
|
||||
|
||||
<IfModule mod_proxy.c>
|
||||
ProxyPass /.well-known/acme-challenge !
|
||||
</IfModule>
|
||||
|
||||
<Directory /var/www/certbot>
|
||||
Require all granted
|
||||
</Directory>
|
||||
Reference in New Issue
Block a user