Use DNS-01 on Cloudflare for wildcard LE certs

2022-05-23 03:32:56 -04:00
parent acd2cefb1e
commit 9a4aece442
5 changed files with 79 additions and 18 deletions


@@ -0,0 +1,2 @@
# Cloudflare API token used by Certbot
dns_cloudflare_api_token = {{ proxy.dns_cloudflare.api_token }}
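Review bot: The rendered file holds a live Cloudflare credential, but nothing in this template records how it has to be protected. The certbot Cloudflare plugin warns when the credentials file is readable by other users, and the task that installs this template is not visible in this section, so confirm it sets owner root and mode 0600. I would extend the header comment to `# Cloudflare API token used by Certbot (DNS-01). Keep this file root-only (0600); scope the token to Zone:DNS:Edit on the served zone.` It is also worth confirming that `proxy.dns_cloudflare.api_token` comes from an encrypted vars file rather than plain inventory.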


@@ -2,7 +2,13 @@ server {
listen 443 ssl;
server_name {{ item.domain }};
access_log /var/log/nginx/{{ item.domain }}.log main;
{% if not item.production %}
{% if proxy.production and item.tls.cert is not defined %}
ssl_certificate /etc/letsencrypt/live/{{ item.domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ item.domain }}/privkey.pem;
{% elif proxy.production and item.tls.cert is defined %}
ssl_certificate {{ item.tls.cert }};
ssl_certificate_key {{ item.tls.key }};
{% else %}
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
{% endif %}
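Review bot: The Let's Encrypt branch points nginx at `/etc/letsencrypt/live/{{ item.domain }}/`, while the commit title says the certificates are wildcards. If certbot stores one wildcard lineage under the base domain, any site whose `item.domain` is a subdomain would reference a path that does not exist and nginx would fail its config test. The certbot tasks are not visible here, so this may already be handled by a per-domain `--cert-name`. Either way the three-way choice deserves a comment above the `if`, for example `{# TLS source: LE lineage named after item.domain, else operator-supplied item.tls.cert/key, else self-signed when proxy.production is false #}`. The `elif` tests only `item.tls.cert` yet also emits `item.tls.key`, so writing `{{ item.tls.key | mandatory }}` would make a half-configured site fail with a clear message. The `server` block starts and ends outside this hunk.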