lego: add configuration

2024-04-14 18:30:16 -05:00 · 2024-04-14 18:30:16 -05:00 · 22ab3586a1
commit 22ab3586a1
parent f4585ad0ee
2 changed files with 26 additions and 0 deletions
--- a/group_vars/all/main.yaml
+++ b/group_vars/all/main.yaml
@ -368,3 +368,7 @@ influxdb_package_state: absent
 telegraf_service_enabled: false
 telegraf_service_state: stopped
 telegraf_package_state: absent
+
+lego_credential_files:
+  - name: credentials.json
+    content: "{{ vault_lego_gcp_service_account | string }}"
--- a/host_vars/jump0.kill0.net/all.yaml
+++ b/host_vars/jump0.kill0.net/all.yaml
@ -18,6 +18,28 @@ certbot_certificates:
  - domains:
      - cavi.cc
    email: rcavicchioni@gmail.com
+  - domains:
+      - proxy.kill0.net
+    email: rcavicchioni@gmail.com
+
+lego_user_environ:
+  GCE_PROJECT: kill0-net
+  GCE_SERVICE_ACCOUNT_FILE: "{{ lego_etc_dir_path }}/credentials.json"
+
+lego_bin_user_args:
+  - --email rcavicchioni@gmail.com
+  - --dns gcloud
+
+lego_bin_renew_user_args:
+  - --renew-hook "systemctl reload nginx"
+
+lego_domains:
+  - name: cavi.cc
+  - name: dl.kill0.net
+  - name: git.kill0.net
+  - name: monitor.kill0.net
+  - name: proxy.kill0.net
+  - name: stats.kill0.net

 autossh_config: []