ansible-role-acme/defaults/main.yml

36 lines
1.2 KiB
YAML

acme_ssl_dir: /etc/ssl
acme_config_dir: "{{ acme_ssl_dir }}/acme.d"
acme_config_file: "{{ acme_ssl_dir }}/acme.yml"
acme_keys_dir: "{{ acme_ssl_dir }}/private"
acme_csr_dir: "{{ acme_ssl_dir }}/csr"
acme_certs_dir: "{{ acme_ssl_dir }}/certs"
acme_accounts_dir: "{{ acme_ssl_dir }}/accounts"
acme_script_dir: /opt/acme
acme_script_bin: /usr/local/bin/acme-renew-cert
acme_ssl_group: ssl-cert
acme_account_private_key: "{{ acme_accounts_dir }}/acme_account.key"
acme_account_email: acme@example.com
acme_account_owner: root
acme_account_group: "{{ acme_account_group }}"
acme_directory_url: https://acme-staging-v02.api.letsencrypt.org/directory
acme_root_dir: /var/www/acme
acme_challenge_dir: "{{ acme_challenge_root_dir }}/.well-known/acme-challenge"
acme_domains:
example.com:
alt_names:
- test.example.com
owner: root
group: "{{ acme_ssl_group }}"
remaining_days: 30
hooks:
- systemctl reload nginx
acme_config:
account:
private_key: "{{ acme_account_private_key }}"
email: "{{ acme_account_email }}"
owner: "{{ acme_account_owner }}"
group: "{{ acme_account_group }}"
directory_url: "{{ acme_directory_url }}"
challenge_dir: "{{ acme_challenge_dir }}"