forked from ISTI-ansible-roles/ansible-roles
34 lines
1.2 KiB
YAML
34 lines
1.2 KiB
YAML
---
|
|
letsencrypt_install: False
|
|
letsencrypt_git_repo: 'https://github.com/letsencrypt/letsencrypt'
|
|
letsencrypt_dest_dir: /opt
|
|
letsencrypt_update_repo: True
|
|
letsencrypt_prerequisites:
|
|
- git
|
|
- bc
|
|
|
|
letsencrypt_auto: '{{ letsencrypt_dest_dir }}/letsencrypt/letsencrypt-auto'
|
|
letsencrypt_install_path: /root/.local/share/letsencrypt
|
|
letsencrypt_config_dir: /etc/letsencrypt
|
|
letsencrypt_certs_dir: '{{ letsencrypt_config_dir }}/live/{{ ansible_fqdn }}'
|
|
# In seconds. Default 7 days
|
|
letsencrypt_renew_before: 604800
|
|
letsencrypt_logdir: /var/log/letsencrypt
|
|
# The various services maintainers need to put the reconfigure/restart scripts there
|
|
letsencrypt_services_scripts_dir: /usr/local/lib/letsencrypt
|
|
|
|
# cli.ini parameters
|
|
letsencrypt_rsa_key_size: 4096
|
|
letsencrypt_email: sysadmin@example.com
|
|
letsencrypt_authenticator: standalone
|
|
letsencrypt_standalone_supp_challenges: 'http-01'
|
|
letsencrypt_agree_tos: True
|
|
letsencrypt_verbose: False
|
|
letsencrypt_text_interface: True
|
|
# The first on the list gives the name to the certs live directory.
|
|
# If it is not the machine FQDN, change the letsencrypt_cert_dir definition.
|
|
letsencrypt_domains: '{{ ansible_fqdn }} example.com example.org'
|
|
letsencrypt_renew_by_default: True
|
|
letsencrypt_standalone_port: 9999
|
|
|