josiah
7b7284c32f
all of this is required for the synology LE role to work. this is still a massive WIP commit. synology LE works, but synology webdav using that LE cert does not yet work. there appears to be some cipher mismatch issue by default. |
||
---|---|---|
.. | ||
defaults | ||
tasks | ||
readme.md |
acmedns_remote_host
Set up a host so that an acmedns_*_updater
role (which may run on another host) can copy certs to it.
This will include adding an ssh key to authorized_keys
, and may include some other setup tasks.
Variables:
acmedns_remote_host_user
: The user on this host that will have the keys scp'd to itacmedns_remote_host_ssh_client_pubkey
: The public key to add toauthorized_keys
acmedns_remote_host_fix_homedir_permissions
: Modify homedir ofacmedns_remote_host_user
to not be world/group writable (required for ssh to allow key auth)acmedns_remote_host_allow_passwordless_sudo
: Modify sudoers to allowacmedns_remote_host_user
to sudo to root without providing a password