From 96dc4add445c5a48632bef6f8a4f0440c70f03d0 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 29 Jun 2017 22:23:38 +0200 Subject: Provide apache2 configuration snippet. --- Changelog | 2 +- config/apache2.conf | 12 ++++++++++++ config/nginx.conf | 2 +- 3 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 config/apache2.conf diff --git a/Changelog b/Changelog index 5252fd2..0674c4a 100644 --- a/Changelog +++ b/Changelog @@ -12,7 +12,7 @@ lacme (0.3) upstream; 'iptables' option to Yes. + Change 'min-days' default from 10 to 21, to avoid expiration notices from Let's Encrypt when auto-renewal is done by a cronjob. - + Provide nginx configuration snippet. + + Provide nginx and apache2 configuration snippets. - Ensure lacme's config file descriptor is not passed to the accountd or webserver components. - new-cert: sort section names if not passed explicitely. diff --git a/config/apache2.conf b/config/apache2.conf new file mode 100644 index 0000000..20927fa --- /dev/null +++ b/config/apache2.conf @@ -0,0 +1,12 @@ +# Use Apache2 to serve ACME requests by passing them over to a +# locally-bound lacme webserver component. +# +# This file needs to be sourced to the server directives (at least the +# non-ssl one) of each virtual host requiring authorization. + + + ProxyPass unix:///var/run/lacme.socket|http://127.0.0.1/.well-known/acme-challenge/ + Order allow,deny + Allow from all + + diff --git a/config/nginx.conf b/config/nginx.conf index e4ceb0c..6753ff9 100644 --- a/config/nginx.conf +++ b/config/nginx.conf @@ -1,4 +1,4 @@ -# Use nginx to serve ACME requests; either directly, or by passing them +# Use Nginx to serve ACME requests; either directly, or by passing them # over to a locally-bound lacme webserver component. # # This file needs to be sourced to the server directives (at least the -- cgit v1.2.3