josiah
7b7284c32f
all of this is required for the synology LE role to work. this is still a massive WIP commit. synology LE works, but synology webdav using that LE cert does not yet work. there appears to be some cipher mismatch issue by default.
13 lines
722 B
Markdown
13 lines
722 B
Markdown
# `acmedns_remote_host`
|
|
|
|
Set up a host so that an `acmedns_*_updater` role (which may run on another host) can copy certs to it.
|
|
|
|
This will include adding an ssh key to `authorized_keys`, and may include some other setup tasks.
|
|
|
|
Variables:
|
|
|
|
- `acmedns_remote_host_user`: The user on this host that will have the keys scp'd to it
|
|
- `acmedns_remote_host_ssh_client_pubkey`: The public key to add to `authorized_keys`
|
|
- `acmedns_remote_host_fix_homedir_permissions`: Modify homedir of `acmedns_remote_host_user` to not be world/group writable (required for ssh to allow key auth)
|
|
- `acmedns_remote_host_allow_passwordless_sudo`: Modify sudoers to allow `acmedns_remote_host_user` to sudo to root without providing a password
|