feat: manage certbot

- add haproxy backend for be_letsencrypt
- manage the certbot role/profile
- create define to export certificate requests
This commit is contained in:
2024-07-07 16:12:53 +10:00
parent 991c8a3029
commit 9db714d02f
7 changed files with 75 additions and 0 deletions
+4
View File
@@ -53,6 +53,8 @@ profiles::haproxy::frontends:
options:
acl:
- 'acl-letsencrypt path_beg /.well-known/acme-challenge/'
use_backend:
- 'be_letsencrypt if acl-letsencrypt'
http-request:
- 'set-header X-Forwarded-Proto https'
- 'set-header X-Real-IP %[src]'
@@ -68,6 +70,8 @@ profiles::haproxy::frontends:
options:
acl:
- 'acl-letsencrypt path_beg /.well-known/acme-challenge/'
use_backend:
- 'be_letsencrypt if acl-letsencrypt'
http-request:
- 'set-header X-Forwarded-Proto https'
- 'set-header X-Real-IP %[src]'
+2
View File
@@ -0,0 +1,2 @@
---
profiles::certbot::server::contact: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAJxDjhvXONEm7VoZ74dBxOPxFAw9RrI2WOK1P5YiIWiXUkoOhQpPzy0PUlI4970ActfTi9Kr9fnyZJWr/7TQ/5GQuYvVxMcfWbOmIOA+6CCjR/PWR06lWQuq7eTmwTzQjw7teFZrpXmqutAMNAUEAmPBBKNKfKbOaFz4IWwph1TuXtXDuveu/RE2+8znWukhF92DuFBJSuw6SMDympdbgceq/guQAInMjIXwmCIa7DWCWYDSKw04Ai8yDnYoqaNRs0acbZV6slH49i/cOE6GKTxO8+vR/3TkjEvKH8lY2l37ndH9+pe58arKflm/Inik0zy0TBnHq7/AMmEpRtV0usTA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBUgafckUM981Pb6hn2/9KMgBAblakRJjULF7aZwx/PT09s]
+10
View File
@@ -0,0 +1,10 @@
---
profiles::certbot::server::domains:
- au-syd1-pve.main.unkin.net
- au-syd1-pve-api.main.unkin.net
- sonarr.main.unkin.net
- radarr.main.unkin.net
- lidarr.main.unkin.net
- readarr.main.unkin.net
- prowlarr.main.unkin.net
- fafflix.unkin.net