From 33890cacb183b69bf0032fd3dbd41b9c20cab4b1 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 12 Sep 2023 00:41:07 +0200 Subject: x509/certificates: generic config handling --- chaos-at-home/ch-http-proxy.yml | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'chaos-at-home') diff --git a/chaos-at-home/ch-http-proxy.yml b/chaos-at-home/ch-http-proxy.yml index 24fd6f92..cab4e450 100644 --- a/chaos-at-home/ch-http-proxy.yml +++ b/chaos-at-home/ch-http-proxy.yml @@ -49,16 +49,16 @@ template: generic tls: certificate_provider: acmetool + certificate_config: + request: + challenge: + http-self-test: false hostnames: - web.chaos-at-home.org locations: '/': root: /var/www/default index: index.html - acmetool_cert_config: - request: - challenge: - http-self-test: false include_role: name: nginx/vhost @@ -115,6 +115,10 @@ template: generic tls: certificate_provider: acmetool + certificate_config: + request: + challenge: + http-self-test: false hostnames: - passwd.chaos-at-home.org locations: @@ -123,10 +127,6 @@ proxy_ssl: verify: "on" trusted_certificate: /etc/ssl/whawty-auth-ca/ca.pem - acmetool_cert_config: - request: - challenge: - http-self-test: false include_role: name: nginx/vhost @@ -183,6 +183,10 @@ template: generic tls: certificate_provider: acmetool + certificate_config: + request: + challenge: + http-self-test: false hostnames: - webmail.chaos-at-home.org locations: @@ -195,10 +199,6 @@ ciphers: "DEFAULT@SECLEVEL=0" extra_directives: |- client_max_body_size 200M; - acmetool_cert_config: - request: - challenge: - http-self-test: false include_role: name: nginx/vhost @@ -209,6 +209,10 @@ template: generic tls: certificate_provider: acmetool + certificate_config: + request: + challenge: + http-self-test: false hostnames: - webdav.chaos-at-home.org locations: @@ -219,10 +223,6 @@ trusted_certificate: /etc/ssl/prometheus-old-ca/ca.pem protocols: TLSv1 ciphers: "DEFAULT@SECLEVEL=0" - acmetool_cert_config: - request: - challenge: - http-self-test: false include_role: name: nginx/vhost -- cgit v1.2.3