simoncaron.pve_acme

Panoramica Versioni Approfondimenti

Ansible Role: Proxmox VE Acme Config

=========

Ansible Lint
Ansible Release
Ansible Galaxy Downloads

This is an Ansible Role that sets up the acme plugin and certificates for a Proxmox VE node.

It was tested with Proxmox VE version 7.2.

Requirements

To use this role, you need pexpect to handle different command line prompts. If it’s not installed on the host, a task will automatically install it along with the python3-pip package.

Role Variables

Below are the available variables, with their default values (see defaults/main.yml):

  • pve_acme_domain: ""

  • pve_acme_account_name: default

  • pve_acme_account_email: ""

  • pve_acme_account_directory: "https://acme-v02.api.letsencrypt.org/directory"

  • pve_acme_validation_delay: "30"

  • pve_acme_plugin_name: ""

  • pve_acme_plugin_api: ""

  • pve_acme_plugin_data: ""

Set the pve_acme_domain to the full domain name of your node, like pve.example.com. The next three variables are for configuring the Acme account used to get certificates. It's best to keep pve_acme_account_name as default, as it’s the account used to order certificates. Use pve_acme_account_email for the email that will get notifications from Let's Encrypt. The pve_acme_account_directory should be either https://acme-v02.api.letsencrypt.org/directory (for real certificates) or https://acme-staging-v02.api.letsencrypt.org/directory (for testing certificates).

The pve_acme_validation_delay is the extra time in seconds to wait before checking validation. This helps with long DNS record time to live (TTL) issues.

The last three variables set up the plugin used for domain validation. pve_acme_plugin_name is the name shown in the Proxmox VE user interface. Set the pve_acme_plugin_api to one of the API plugin names supported by Proxmox (check the ACME Plugin ID name for the full list). Lastly, pve_acme_plugin_data should have the configuration details for the chosen API plugin (for instance, for Cloudflare, it should be CF_Token=cloudflare_token). Check the Proxmox UI for the configuration key list for each provider.

Dependencies

None.

Example Playbook

- hosts: localhost

  vars:
    pve_acme_domain: "pve.example.com"
    pve_acme_account_email: "[email protected]"
    pve_acme_plugin_name: "cloudflare"
    pve_acme_plugin_api: "cf"
    pve_acme_plugin_data: |
      CF_Token=123456abcde

  roles:
    - simoncaron.pve_acme

License

MIT License

Author Information

This role was created in 2022 by Simon Caron.

Informazioni sul progetto

A role to configure acme certificates on PVE node

role acme letsencrypt proxmox pve
Installa
ansible-galaxy install simoncaron.pve_acme
GitHub repository
15 stelle
3 fork
1 problemi aperti
Licenza
Unknown
Download
28.2k
Proprietario
Simon Caron
Software Engineer | IaC | Containers | Ansible | Kubernetes | Helm