acromedia / ansible-role-letsencrypt Goto Github PK
View Code? Open in Web Editor NEWInstall and prepare letsencrypt for use on a shared www hosting server
License: GNU Affero General Public License v3.0
Install and prepare letsencrypt for use on a shared www hosting server
License: GNU Affero General Public License v3.0
It should actually try and link sites-available to sites-enabled, but it just uses the same variable for both src and destination.
Registering a default site certificate does not fit all use cases. Some use cases require more than just one cert to be registered, or certs to registered for things besides http virtual hosts (postfix, or vsftpd for example).
The role needs to support:
ssl_protocols
and ssl_ciphers
in the nginx templates are crazy obsolete.
Turn these two into role defaults, and set them to something way more modern.
LE operations are now seeing
Your system is not supported by certbot-auto anymore.
Certbot will no longer receive updates.
Please visit https://certbot.eff.org/ to check for other alternatives.
on ubuntu (at least on 16).
The certbot installation documentation page now shows references to snap
installations. We'll need to update the role to support this new installation method.
Seen a few failures lately with messages that look like:
...
Select the webroot for domain.extample.com:
Choices: ['Enter a new webroot', '/var/www/letsencrypt']
(You can set this with the --webroot-path flag). Skipping.
...
Error is caused by one of the subject alternative names missing from the certbot renewal config file.
Would be nice to find out why they're not showing up, but adding --webroot-path /var/www/letsencrypt
to the renewal command line is an easy workaround.
Cron is sending out notifications that the certbot process is already running.
It turns out that the snap version of certbot comes with a built in systemd timer (view them all with systemctl list-timers
) which performs renewals automatically. However certbot's renewal does not automatically reload http dameons to pick up the new cert version.
So the cron jobs need to be modified to only test + reload the web config, instead of renew + test + reload.
Some edge cases already have an alternate web server configuration going on, and we just want the software installed.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.