Install newest Caddy version with role nvjacobo.caddy and update template and pre-generated certs
This commit will also allow Caddy to properly generate certs with longer lifetimes than 12 hours, and by default it has been set to 1 month
This commit is contained in:
parent
733c3ed250
commit
6024d2a50c
8 changed files with 35 additions and 34 deletions
|
|
@ -42,3 +42,7 @@ tasks:
|
|||
|
||||
Note that the domains get looped over, so you can have multiple of them.
|
||||
Certificates for domains can be found in the folder /etc/letsencrypt/live/domainname though it might be wise to change this
|
||||
|
||||
# Dependencies
|
||||
|
||||
[nvjacobo.caddy](https://github.com/nvjacobo/caddy.git) - Used for installing Caddy
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIBtDCCAVqgAwIBAgIRAMHp+q/ddqH+S9fE5V7QhhkwCgYIKoZIzj0EAwIwJjEk
|
||||
MCIGA1UEAxMbTXkgTG9jYWwgQ0EgLSAyMDI1IEVDQyBSb290MB4XDTI1MTIwMTEz
|
||||
MTg1M1oXDTI1MTIwODEzMTg1M1owKTEnMCUGA1UEAxMeTXkgTG9jYWwgQ0EgLSBF
|
||||
Q0MgSW50ZXJtZWRpYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZL83Hyar
|
||||
iIsBkRtRNxRtHoiW7KEUuxq4gVyNrJjtdYZwlfZE+qOCYo5I6E99zZiVD2SZNe1x
|
||||
uVXYV6mcERDnC6NmMGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
|
||||
AQAwHQYDVR0OBBYEFJII7wjwySNFSJWt700GYE1JfsGxMB8GA1UdIwQYMBaAFHCv
|
||||
EafSET7wyiMUOd3eZrQx3lw8MAoGCCqGSM49BAMCA0gAMEUCIQCCj54nwceSHHJ+
|
||||
RCN2CyEByqMh/RdDd/FijJ800x3J6gIgemnp9J3CrKN/Fzy3JOhetVCRkVqjDNLc
|
||||
ZH4K1pYnDBA=
|
||||
MIIBtDCCAVqgAwIBAgIRALrzZ2s5VtqAmn4XFGu/r7owCgYIKoZIzj0EAwIwJjEk
|
||||
MCIGA1UEAxMbTXkgTG9jYWwgQ0EgLSAyMDI1IEVDQyBSb290MB4XDTI1MTIwOTEz
|
||||
MTYyMloXDTI2MTIwOTEzMTYyMlowKTEnMCUGA1UEAxMeTXkgTG9jYWwgQ0EgLSBF
|
||||
Q0MgSW50ZXJtZWRpYXRlMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5QvpDkl0
|
||||
/zAug3sHNQDig0khq1oIRWL8TjNf92zgXm65tTI9HL0khYH+2WaT8/E9yfP5G9J5
|
||||
a4nDOM6rKsL/rqNmMGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
|
||||
AQAwHQYDVR0OBBYEFBSQKBjweZcJtluzSEzdfA3rCMH+MB8GA1UdIwQYMBaAFLf7
|
||||
HOJMt7rcWgyNVQFwg1ibX4rkMAoGCCqGSM49BAMCA0gAMEUCIQCt4S/kc8bZ1amw
|
||||
NRkwxfNEJn8xWMeLVgT/t50PWTfA1gIgJ1/6IoyRmrsNmHdChA+WcINK/1jsAOMV
|
||||
CcvYlcfWNH0=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEIDLfKjCXLIseInlVmkL1dx6K/Iv6uxjhJjRmI4xr9kXNoAoGCCqGSM49
|
||||
AwEHoUQDQgAEZL83HyariIsBkRtRNxRtHoiW7KEUuxq4gVyNrJjtdYZwlfZE+qOC
|
||||
Yo5I6E99zZiVD2SZNe1xuVXYV6mcERDnCw==
|
||||
MHcCAQEEIDWrFHeV74K3DqFXy8kAxk/mNFXIU4ZASGof0zcJcmEfoAoGCCqGSM49
|
||||
AwEHoUQDQgAE5QvpDkl0/zAug3sHNQDig0khq1oIRWL8TjNf92zgXm65tTI9HL0k
|
||||
hYH+2WaT8/E9yfP5G9J5a4nDOM6rKsL/rg==
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
|
|
|||
|
|
@ -1,11 +1,11 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIBjzCCATWgAwIBAgIQMNAFWqphrzOxuSOWVbSr4jAKBggqhkjOPQQDAjAmMSQw
|
||||
IgYDVQQDExtNeSBMb2NhbCBDQSAtIDIwMjUgRUNDIFJvb3QwHhcNMjUxMjAxMTMx
|
||||
ODUzWhcNMzUxMDEwMTMxODUzWjAmMSQwIgYDVQQDExtNeSBMb2NhbCBDQSAtIDIw
|
||||
MjUgRUNDIFJvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASD2byYNpauRUOg
|
||||
LggkyrY/ZRMZIQMT+rXlQMctxnV77VOdaXccTC2vfpOS2tqwcwySyP1NYg1DqvD0
|
||||
L4VjUb/To0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAd
|
||||
BgNVHQ4EFgQUcK8Rp9IRPvDKIxQ53d5mtDHeXDwwCgYIKoZIzj0EAwIDSAAwRQIh
|
||||
AI4rOGX/GNjlUnwixzcXM1FFrBrarzRZd/6+z99I+1yhAiAqxxK69h4ae0nylgVO
|
||||
pKlmiO5bk38ZfwjN6qAIqMaCcg==
|
||||
MIIBkDCCATWgAwIBAgIQdEKF0J4ML82roSwYCus/BjAKBggqhkjOPQQDAjAmMSQw
|
||||
IgYDVQQDExtNeSBMb2NhbCBDQSAtIDIwMjUgRUNDIFJvb3QwHhcNMjUxMjA5MTMx
|
||||
NjIyWhcNMzUxMDE4MTMxNjIyWjAmMSQwIgYDVQQDExtNeSBMb2NhbCBDQSAtIDIw
|
||||
MjUgRUNDIFJvb3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR5wtXojFvtONCz
|
||||
UjwelJcZY+6Xvc3+/UIrzUreWxD1qSFxoB7l2U4bx5b6C2ETA/HbJJ5vf9eyW6tC
|
||||
B91MpfKao0UwQzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAd
|
||||
BgNVHQ4EFgQUt/sc4ky3utxaDI1VAXCDWJtfiuQwCgYIKoZIzj0EAwIDSQAwRgIh
|
||||
AKVHqPFqMh1fLY1h3ZRzOgoIiL0GlNZxKqF7LfaYOhzaAiEA7yTTzHsHLbKl6eHk
|
||||
T0OvbpceB13fDWHJmEo/SYtJQbo=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHcCAQEEICFWtuowkCW/82uhRaJUuisuQFQ3kQc6WH2xopi6aID8oAoGCCqGSM49
|
||||
AwEHoUQDQgAEg9m8mDaWrkVDoC4IJMq2P2UTGSEDE/q15UDHLcZ1e+1TnWl3HEwt
|
||||
r36TktrasHMMksj9TWINQ6rw9C+FY1G/0w==
|
||||
MHcCAQEEIKWFm7sak+X2jXs6gArHGn9g3QO1U+di1MHypsO7nScXoAoGCCqGSM49
|
||||
AwEHoUQDQgAEecLV6Ixb7TjQs1I8HpSXGWPul73N/v1CK81K3lsQ9akhcaAe5dlO
|
||||
G8eW+gthEwPx2ySeb3/XslurQgfdTKXymg==
|
||||
-----END EC PRIVATE KEY-----
|
||||
|
|
|
|||
|
|
@ -9,4 +9,5 @@ galaxy_info:
|
|||
- caddy
|
||||
- tls
|
||||
- localca
|
||||
dependencies: []
|
||||
dependencies:
|
||||
- role: nvjacobo.caddy
|
||||
|
|
|
|||
|
|
@ -1,8 +1,3 @@
|
|||
- name: Ensure Caddy is installed
|
||||
ansible.builtin.package:
|
||||
name: caddy
|
||||
state: present
|
||||
|
||||
- name: Create Caddy configuration directory
|
||||
become: yes
|
||||
ansible.builtin.file:
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
pki {
|
||||
ca local {
|
||||
name "My Local CA"
|
||||
intermediate_lifetime 365d
|
||||
}
|
||||
}
|
||||
http_port 8080
|
||||
|
|
@ -11,6 +12,6 @@
|
|||
localhost:8443 {
|
||||
acme_server {
|
||||
ca local
|
||||
lifetime 720h
|
||||
lifetime 30d
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue