Provide apache2 configuration snippet.

3 files changed, 14 insertions, 2 deletions

diff --git a/Changelog b/Changelog
index 5252fd2..0674c4a 100644
--- a/Changelog
+++ b/Changelog
@@ -12,7 +12,7 @@ lacme (0.3) upstream;
     'iptables' option to Yes.
   + Change 'min-days' default from 10 to 21, to avoid expiration notices
     from Let's Encrypt when auto-renewal is done by a cronjob.
-  + Provide nginx configuration snippet.
+  + Provide nginx and apache2 configuration snippets.
   - Ensure lacme's config file descriptor is not passed to the accountd
     or webserver components.
   - new-cert: sort section names if not passed explicitely.
diff --git a/config/apache2.conf b/config/apache2.conf
new file mode 100644
index 0000000..20927fa
--- /dev/null
+++ b/config/apache2.conf
@@ -0,0 +1,12 @@
+# Use Apache2 to serve ACME requests by passing them over to a
+# locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+<Location /.well-known/acme-challenge/>
+  ProxyPass unix:///var/run/lacme.socket|http://127.0.0.1/.well-known/acme-challenge/
+  Order allow,deny
+  Allow from all
+</Location>
+
diff --git a/config/nginx.conf b/config/nginx.conf
index e4ceb0c..6753ff9 100644
--- a/config/nginx.conf
+++ b/config/nginx.conf
@@ -1,4 +1,4 @@
-# Use nginx to serve ACME requests; either directly, or by passing them
+# Use Nginx to serve ACME requests; either directly, or by passing them
 # over to a locally-bound lacme webserver component.
 #
 # This file needs to be sourced to the server directives (at least the