mv config/{apache2.conf,nginx.conf} snippets/

2 files changed, 30 insertions, 0 deletions

diff --git a/snippets/apache2.conf b/snippets/apache2.conf
new file mode 100644
index 0000000..471791c
--- /dev/null
+++ b/snippets/apache2.conf
@@ -0,0 +1,12 @@
+# Use Apache2 to serve ACME requests by passing them over to a
+# locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+<Location /.well-known/acme-challenge/>
+  ProxyPass unix:///var/run/lacme.socket|http://localhost/.well-known/acme-challenge/
+  Order allow,deny
+  Allow from all
+</Location>
+
diff --git a/snippets/nginx.conf b/snippets/nginx.conf
new file mode 100644
index 0000000..6753ff9
--- /dev/null
+++ b/snippets/nginx.conf
@@ -0,0 +1,18 @@
+# Use Nginx to serve ACME requests; either directly, or by passing them
+# over to a locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+location ^~ /.well-known/acme-challenge/ {
+    # Pass ACME requests to lacme's webserver component
+    proxy_pass http://unix:/var/run/lacme.socket;
+
+    ## Alternatively, you can let nginx serve the requests by
+    ## setting 'challenge-directory' to '/var/www/acme-challenge' in
+    ## lacme's configuration file
+    # alias /var/www/acme-challenge/;
+    # default_type application/jose+json;
+    # disable_symlinks on from=$document_root;
+    # autoindex off;
+}