Dustin C. Hatch
c6a50313dc
The *certbot* role installs and configures the `certbot` ACME client. It adjusts the default configuration to allow the tool to run as an unprivileged user, and then configures Apache to work with the *webroot* plugin. It registers for an account and requests a certificate for the domains specified by the `certbot_domains` Ansible variable. Finally, it enables the *certbot-renew.timer* systemd unit to schedule automatic renewal of all Let's Encrypt certificates.
10 lines
219 B
Plaintext
10 lines
219 B
Plaintext
Alias /.well-known/acme-challenge /var/www/certbot/.well-known/acme-challenge
|
|
|
|
<IfModule mod_proxy.c>
|
|
ProxyPass /.well-known/acme-challenge !
|
|
</IfModule>
|
|
|
|
<Directory /var/www/certbot>
|
|
Require all granted
|
|
</Directory>
|