Add functionality by copy-pasting pre-generated certs to vm and update README.md

This commit includes the pre-generated certs in the files/certs directory. README.md was thoroughly updated to include an example of using certbot with this role and how to import the root.crt to Firefox.
2025-12-01 15:51:30 +02:00 · 2025-12-01 15:51:30 +02:00 · 733c3ed250
commit 733c3ed250
parent b3204eb4da
8 changed files with 130 additions and 12 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -2,4 +2,27 @@

 caddy_root: /usr/share/caddy
 caddy_config_path: /etc/caddy/Caddyfile
-caddy_service_name: caddy
+caddy_service_name: caddy
+
+caddy_trust_local_ca: false
+
+# system user/group for Caddy runtime files
+caddy_user: caddy
+caddy_group: caddy
+
+# path where role will deploy Caddy authority certs
+caddy_authorities_path: /var/lib/caddy/.local/share/caddy/pki/authorities/local
+caddy_authorities_mode: '0700'
+
+# templates subdirectory that contains the cert files (role/templates/<dir>/...)
+caddy_certs_template_dir: certs
+
+# ownership/mode for deployed cert files
+caddy_cert_owner: "{{ caddy_user }}"
+caddy_cert_group: "{{ caddy_group }}"
+caddy_cert_mode: '0600'
+
+# ownership/mode for caddy_root
+caddy_root_owner: www-data
+caddy_root_group: www-data
+caddy_root_mode: '0755'