zwischenloesung.acme-tiny-setup

Panoramica Versioni Approfondimenti

Acme-Tiny Setup

This is an Ansible role designed to set up everything you need to sign certificates with Let's Encrypt. It is inspired by the ganto.acme_tiny role. Thanks to ganto for their work!

This role should be run on any server that requires certificates. If the server cannot be accessed via the web or if you cannot use the zwischenloesung.acme-tiny role for some reason, you'll need to find a way to send the certificate request to the main server and then return the final certificate back.

Why not use existing roles?

  • First, please check the "Promise" section below. We need something trustworthy.
  • This role will work with maestro and needs to fit the logic used there. (You can use the role without maestro as well.)

STATUS

Development has now moved to inofix.acme-*

Promise

This role may evolve over time, but we will only add features that maintain compatibility with existing setups.

If significant changes are needed, a new role will be created, likely with 'ng' or a version number added...

Installation

ansible-galaxy install zwischenloesung.acme-tiny-setup

Requirements

  • Ansible version greater than 2.0
  • Python2/3 installed on the target server
  • A generic UNIX system with FHS (Filesystem Hierarchy Standard)
  • Sudo access
  • Systemd (by default)

Role Variables

  • app__acme__tiny__user - optional, defaults to 'acme'
  • app__acme__tiny__group - optional, defaults to 'acme'
  • app__acme__tiny__home - optional, defaults to '/var/lib/acme'
  • app__acme__tiny__config_dir - optional, defaults to '/etc/ssl/acme-tiny'
  • app__acme__tiny__openssl_config - optional, defaults to '/etc/ssl/openssl.cnf'
  • app__acme__tiny__challenge_dir - optional, defaults to '/var/www/acme-challenges'
  • app__acme__tiny__account_key - optional, defaults to 'account.key'
  • app__acme__tiny__domain - optional, defaults to 'example.com'
  • app__acme__tiny__cert_name - optional, set automatically
  • app__acme__tiny__log_dir - optional, defaults to '/var/log/acme-tiny'
  • app__acme__tiny__cert_dir - optional, set automatically
  • app__acme__tiny__key - optional, set automatically
  • app__acme__tiny__request - optional, set automatically
  • app__acme__tiny__letsencrypt_certs - optional, defaults to [{url='https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem', file='intermediate.crt'}, {url='https://letsencrypt.org/certs/isrgrootx1.pem', file='ca.crt'}]
  • app__acme__tiny__key_length - optional, defaults to 4096

Dependencies

Example Playbook

- hosts: servers
  roles:
     - zwischenloesung.acme-tiny-setup

License

GPLv3

Author Information

Informazioni sul progetto

Install the famous acme-tiny python script

role acme acmetiny cert certificate certificates certs letsencrypt ssl system tls
Installa
ansible-galaxy install zwischenloesung.acme-tiny-setup
GitHub repository
0 stelle
0 fork
0 problemi aperti
Licenza
gpl-3.0
Download
110
Proprietario