Gitiles
Code Review Sign In
gerrit.opencord.org / ansible / role / acme / a38e3889796dafb88102316d7e783058a6e4843a
commita38e3889796dafb88102316d7e783058a6e4843a[log] [tgz]
authorZack Williams <zdw@opennetworking.org>Wed Jul 20 14:42:28 2022 -0700
committerZack Williams <zdw@opennetworking.org>Wed Jul 20 15:28:34 2022 -0700
tree31572c7b16b313e0116fbbeba6fa2229ea067a25
parentb13432c9037de68c816e3c37512d785bc1c64f26 [diff]
Update to work with Debian 11

- Add acl package
- Fix galaxy metadata

Change-Id: I0781d0e30f7a20e30525640f6adf1fbd46e64b55
7 files changed
tree: 31572c7b16b313e0116fbbeba6fa2229ea067a25
  1. .cookiecutter_params.json
  2. .reuse/
  3. LICENSES/
  4. Makefile
  5. README.md
  6. VERSION
  7. defaults/
  8. handlers/
  9. meta/
  10. molecule/
  11. tasks/
  12. templates/
  13. vars/
README.md

acme

acme.sh shell-script ACME client for issuing LetsEncrypt certificates

Has a chicken/egg problem if you haven't configured a webserver and are using the "http" method of obtaining certs - can't run the server without certs, can't issue certs without it being up. Best practice is to bootstrap a non-TLS server first, then run this role, then switch on TLS.

References

Upstream Options and Parameters

Requirements

Minimum tested ansible version: 2.9.5

Defaults

See defaults/main.yml

By default no certificates are issued, you need to configure the acme_certs to specify which ones to obtain.

Example Playbook

- hosts: all
  vars:
    acme_certs:
      - cert_names:
          - "static.example.com"
          - "alias.example.com"
        method: "http"
  roles:
    - acme

License and Author

© 2020 Open Networking Foundation support@opennetworking.org

License: Apache-2.0