23 lines
1 KiB
Markdown
23 lines
1 KiB
Markdown
# Role `certbot`
|
|
|
|
A role for deploying Certbot and setting up certificates using it.
|
|
|
|
Note: This role doesn't take care of deleting certificates.
|
|
|
|
Also see the following documentation for a full How-to on how to get certificates using this role in the context of our infra: <https://wiki.ccchh.net/infrastructure:zertifikate>.
|
|
|
|
## Required Arguments
|
|
|
|
- `certbot__acme_account_email_address`: The E-Mail address to use for the ACME account.
|
|
- `certbot__certificate_domains`: The domains for which to obtain a certificate.
|
|
|
|
## Optional Arguments
|
|
|
|
- `certbot__http_01_port`: The port number the bot listens on. Should be `80` if directly exposed to the internet.
|
|
Defaults to `31820` (for the public-reverse-proxy setup).
|
|
- `certbot__new_cert_commands`: A list of commands to execute after getting a new certificate. Will be added into a bash script.
|
|
Defaults to the empty list (`[ ]`).
|
|
|
|
## `hosts`
|
|
|
|
The `hosts` for this role need to be the machines on which you want to make sure Certbot is deployed and given certificates are set up.
|