x509/certificates: generic config handling

author: Christian Pointner <equinox@spreadspace.org> 2023-09-12 00:41:07 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2023-09-12 00:41:07 +0200
commit: 33890cacb183b69bf0032fd3dbd41b9c20cab4b1 (patch)
tree: f5d042cb37c9a72f4ba003d2a8efbaa31aa7b4a3 /chaos-at-home
parent: monitoring/grafana: add automatic handling for admin password and additonal u... (diff)
1 files changed, 16 insertions, 16 deletions
diff --git a/chaos-at-home/ch-http-proxy.yml b/chaos-at-home/ch-http-proxy.yml
index 24fd6f92..cab4e450 100644
--- a/chaos-at-home/ch-http-proxy.yml
+++ b/chaos-at-home/ch-http-proxy.yml
@@ -49,16 +49,16 @@
         template: generic
         tls:
           certificate_provider: acmetool
+          certificate_config:
+            request:
+              challenge:
+                http-self-test: false
         hostnames:
         - web.chaos-at-home.org
         locations:
           '/':
             root: /var/www/default
             index: index.html
-      acmetool_cert_config:
-        request:
-          challenge:
-            http-self-test: false
     include_role:
       name: nginx/vhost
 
@@ -115,6 +115,10 @@
         template: generic
         tls:
           certificate_provider: acmetool
+          certificate_config:
+            request:
+              challenge:
+                http-self-test: false
         hostnames:
         - passwd.chaos-at-home.org
         locations:
@@ -123,10 +127,6 @@
             proxy_ssl:
               verify: "on"
               trusted_certificate: /etc/ssl/whawty-auth-ca/ca.pem
-      acmetool_cert_config:
-        request:
-          challenge:
-            http-self-test: false
     include_role:
       name: nginx/vhost
 
@@ -183,6 +183,10 @@
         template: generic
         tls:
           certificate_provider: acmetool
+          certificate_config:
+            request:
+              challenge:
+                http-self-test: false
         hostnames:
         - webmail.chaos-at-home.org
         locations:
@@ -195,10 +199,6 @@
               ciphers: "DEFAULT@SECLEVEL=0"
             extra_directives: |-
               client_max_body_size 200M;
-      acmetool_cert_config:
-        request:
-          challenge:
-            http-self-test: false
     include_role:
       name: nginx/vhost
 
@@ -209,6 +209,10 @@
         template: generic
         tls:
           certificate_provider: acmetool
+          certificate_config:
+            request:
+              challenge:
+                http-self-test: false
         hostnames:
         - webdav.chaos-at-home.org
         locations:
@@ -219,10 +223,6 @@
               trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem
               protocols: TLSv1
               ciphers: "DEFAULT@SECLEVEL=0"
-      acmetool_cert_config:
-        request:
-          challenge:
-            http-self-test: false
     include_role:
       name: nginx/vhost
author	Christian Pointner <equinox@spreadspace.org>	2023-09-12 00:41:07 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2023-09-12 00:41:07 +0200
commit	33890cacb183b69bf0032fd3dbd41b9c20cab4b1 (patch)
tree	f5d042cb37c9a72f4ba003d2a8efbaa31aa7b4a3 /chaos-at-home
parent	monitoring/grafana: add automatic handling for admin password and additonal u... (diff)