adc/ansible/roles/acmedns_remote_host
josiah 7b7284c32f Add several roles; restructure group vars; restructure inventory.
all of this is required for the synology LE role to work. this is
still a massive WIP commit.

synology LE works, but synology webdav using that LE cert does not
yet work. there appears to be some cipher mismatch issue by default.
2020-11-10 23:22:38 -06:00
defaults Add several roles; restructure group vars; restructure inventory. 2020-11-10 23:22:38 -06:00
tasks Add several roles; restructure group vars; restructure inventory. 2020-11-10 23:22:38 -06:00
readme.md Add several roles; restructure group vars; restructure inventory. 2020-11-10 23:22:38 -06:00

acmedns_remote_host

Set up a host so that an acmedns_*_updater role (which may run on another host) can copy certs to it.

This will include adding an ssh key to authorized_keys, and may include some other setup tasks.

Variables:

  • acmedns_remote_host_user: The user on this host that the keys will be scp'd to
  • acmedns_remote_host_ssh_client_pubkey: The public key to add to authorized_keys
  • acmedns_remote_host_fix_homedir_permissions: Modify the home directory of acmedns_remote_host_user so that it is not world/group writable (required for ssh to allow key auth)
  • acmedns_remote_host_allow_passwordless_sudo: Modify sudoers to allow acmedns_remote_host_user to sudo to root without providing a password
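
The permission requirement behind acmedns_remote_host_fix_homedir_permissions can be checked on the target host after the role has run. The script below is an added example, not part of this role or repository; it assumes OpenSSH's default `StrictModes yes` and the default `.ssh/authorized_keys` location, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the acmedns_remote_host role.
# With StrictModes enabled, sshd rejects key auth when the home directory,
# ~/.ssh or authorized_keys is group/world writable or owned by someone
# other than the user or root. This reports which path is at fault.

# audit_path PATH USER: print a finding per problem; return 1 if any found.
audit_path() {
    bad=0
    # -perm -020 / -002: group-write or other-write bit is set
    if [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "WRITABLE $1"
        bad=1
    fi
    # owner must be USER or uid 0 (root)
    if [ -n "$(find "$1" -prune ! -user "$2" ! -user 0 -print)" ]; then
        echo "OWNER $1"
        bad=1
    fi
    return "$bad"
}

# check_keyauth_perms USER HOME: audit the three paths sshd inspects.
check_keyauth_perms() {
    rc=0
    for p in "$2" "$2/.ssh" "$2/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"
            rc=1
        elif ! audit_path "$p" "$1"; then
            rc=1
        fi
    done
    return "$rc"
}

# Usage: sh check.sh USER HOME   (does nothing when called without arguments)
if [ "$#" -eq 2 ]; then
    check_keyauth_perms "$1" "$2"
fi
```

A non-zero exit status means at least one path would cause sshd to ignore the installed key; the printed lines name the path and the reason.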