aboutsummaryrefslogtreecommitdiffstats
path: root/snippets
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2017-07-08 20:59:11 +0200
committerGuilhem Moulin <guilhem@fripost.org>2017-07-08 20:59:11 +0200
commit8349b801a5f7e5f11b0a758d7ab28d8b79eb08ea (patch)
treec921cc887be5ace74dabb1c4650351bf14b51b7c /snippets
parent13a0c9cf64543214282c6809cbbc43ef225df935 (diff)
mv config/{apache2.conf,nginx.conf} snippets/
Diffstat (limited to 'snippets')
-rw-r--r--snippets/apache2.conf12
-rw-r--r--snippets/nginx.conf18
2 files changed, 30 insertions, 0 deletions
diff --git a/snippets/apache2.conf b/snippets/apache2.conf
new file mode 100644
index 0000000..471791c
--- /dev/null
+++ b/snippets/apache2.conf
@@ -0,0 +1,12 @@
+# Use Apache2 to serve ACME requests by passing them over to a
+# locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+<Location /.well-known/acme-challenge/>
+ ProxyPass unix:///var/run/lacme.socket|http://localhost/.well-known/acme-challenge/
+ Order allow,deny
+ Allow from all
+</Location>
+
diff --git a/snippets/nginx.conf b/snippets/nginx.conf
new file mode 100644
index 0000000..6753ff9
--- /dev/null
+++ b/snippets/nginx.conf
@@ -0,0 +1,18 @@
+# Use Nginx to serve ACME requests; either directly, or by passing them
+# over to a locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+location ^~ /.well-known/acme-challenge/ {
+ # Pass ACME requests to lacme's webserver component
+ proxy_pass http://unix:/var/run/lacme.socket;
+
+ ## Alternatively, you can let nginx serve the requests by
+ ## setting 'challenge-directory' to '/var/www/acme-challenge' in
+ ## lacme's configuration file
+ # alias /var/www/acme-challenge/;
+ # default_type application/jose+json;
+ # disable_symlinks on from=$document_root;
+ # autoindex off;
+}