Page MenuHomeDevCentral
Paste P345

roles/core/certificates/letsencrypt-certificates.sls
ActivePublic
Actions

Authored by dereckson on Dec 16 2023, 00:48.
# -------------------------------------------------------------
# Salt — Let's encrypt certificates
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2017-04-27
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
# -------------------------------------------------------------
# Certificates
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{% for domain in pillar.get("certificates_letsencrypt", []) %}
certificate_{{ domain }}:
cmd.run:
- name: certbot certonly -d {{ domain }}
- creates: {{ dirs.etc }}/letsencrypt/live/{{ domain }}/fullchain.pem
{% endfor %}
{% for key, domains in pillar.get("certificates_letsencrypt_multiple", {}).items() %}
certificate_{{ key }}:
cmd.run:
- name: certbot certonly{% for domain domains %} -d {{ domain }}{% endfor %}
- creates: {{ dirs.etc }}/letsencrypt/live/{{ domains[0] }}/fullchain.pem
{% endfor %}

Event Timeline

dereckson created this paste.Dec 16 2023, 00:48

If we issue certificates through DNS, we need to issue them manually to add CNAME records.

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator