31 lines
904 B
Django/Jinja
31 lines
904 B
Django/Jinja
{{ ansible_header | comment(decoration='# ') }}
|
|
|
|
# To generate the certificate, please use the following command
|
|
# certbot --config /etc/letsencrypt/conf.d/{{ item.certname }}.ini certonly
|
|
|
|
# Use a 4096 bit RSA key instead of 2048
|
|
rsa-key-size = 4096
|
|
|
|
# Always use the staging/testing server
|
|
# server = https://acme-staging.api.letsencrypt.org/directory
|
|
|
|
# Uncomment and update to register with the specified e-mail address
|
|
email = {{ item.mail }}
|
|
|
|
# Uncomment to use a text interface instead of ncurses
|
|
text = True
|
|
|
|
# Yes I want to sell my soul and my guinea pig.
|
|
agree-tos = True
|
|
|
|
# Use DNS-01 challenge
|
|
authenticator = manual
|
|
manual-auth-hook = /var/local/services/certbot/authenticator.py
|
|
manual-cleanup-hook = /var/local/services/certbot/cleanup.py
|
|
preferred-challenges = dns-01,
|
|
manual-public-ip-logging-ok = True
|
|
|
|
# Wildcard the domain
|
|
cert-name = {{ item.certname }}
|
|
domains = {{ item.domains }}
|