Gitiles
Code Review Sign In
gerrit.opencord.org / ansible / role / acme
Clone this repo:

Branches

  1. a38e388 Update to work with Debian 11 by Zack Williams · 2 years, 4 months ago master
  2. b13432c Fix permission on sudoers file by Zack Williams · 4 years, 1 month ago
  3. 845c7ca INF-113 acme.sh LetsEncrypt certificate role by Zack Williams · 4 years, 5 months ago

acme

acme.sh shell-script ACME client for issuing LetsEncrypt certificates

Has a chicken/egg problem if you haven't configured a webserver and are using the "http" method of obtaining certs - can't run the server without certs, can't issue certs without it being up. Best practice is to bootstrap a non-TLS server first, then run this role, then switch on TLS.

References

Upstream Options and Parameters

Requirements

Minimum tested ansible version: 2.9.5

Defaults

See defaults/main.yml

By default no certificates are issued, you need to configure the acme_certs to specify which ones to obtain.

Example Playbook

- hosts: all
  vars:
    acme_certs:
      - cert_names:
          - "static.example.com"
          - "alias.example.com"
        method: "http"
  roles:
    - acme

License and Author

© 2020 Open Networking Foundation support@opennetworking.org

License: Apache-2.0