aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Changelog2
-rw-r--r--config/apache2.conf12
-rw-r--r--config/nginx.conf2
3 files changed, 14 insertions, 2 deletions
diff --git a/Changelog b/Changelog
index 5252fd2..0674c4a 100644
--- a/Changelog
+++ b/Changelog
@@ -12,7 +12,7 @@ lacme (0.3) upstream;
'iptables' option to Yes.
+ Change 'min-days' default from 10 to 21, to avoid expiration notices
from Let's Encrypt when auto-renewal is done by a cronjob.
- + Provide nginx configuration snippet.
+ + Provide nginx and apache2 configuration snippets.
- Ensure lacme's config file descriptor is not passed to the accountd
or webserver components.
- new-cert: sort section names if not passed explicitely.
diff --git a/config/apache2.conf b/config/apache2.conf
new file mode 100644
index 0000000..20927fa
--- /dev/null
+++ b/config/apache2.conf
@@ -0,0 +1,12 @@
+# Use Apache2 to serve ACME requests by passing them over to a
+# locally-bound lacme webserver component.
+#
+# This file needs to be sourced to the server directives (at least the
+# non-ssl one) of each virtual host requiring authorization.
+
+<Location /.well-known/acme-challenge/>
+ ProxyPass unix:///var/run/lacme.socket|http://127.0.0.1/.well-known/acme-challenge/
+ Order allow,deny
+ Allow from all
+</Location>
+
diff --git a/config/nginx.conf b/config/nginx.conf
index e4ceb0c..6753ff9 100644
--- a/config/nginx.conf
+++ b/config/nginx.conf
@@ -1,4 +1,4 @@
-# Use nginx to serve ACME requests; either directly, or by passing them
+# Use Nginx to serve ACME requests; either directly, or by passing them
# over to a locally-bound lacme webserver component.
#
# This file needs to be sourced to the server directives (at least the