Herron has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/375071 )
Change subject: WIP: Add standalone letsencrypt nginx template
......................................................................
WIP: Add standalone letsencrypt nginx template
Add a standalone nginx config template intended for systems that utilize
letsencrypt certs for non-http protocols (smtps, ldaps, etc.) and do
not have an existing http server to include the acme challenge file.
Bug: T174720
Change-Id: I17fc758dc63973fba0c1d3ce1cfbba9299d17b79
---
A modules/letsencrypt/templates/cert/integrated/standalone.nginx.erb
1 file changed, 17 insertions(+), 0 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/71/375071/1
diff --git a/modules/letsencrypt/templates/cert/integrated/standalone.nginx.erb
b/modules/letsencrypt/templates/cert/integrated/standalone.nginx.erb
new file mode 100644
index 0000000..ee924f8
--- /dev/null
+++ b/modules/letsencrypt/templates/cert/integrated/standalone.nginx.erb
@@ -0,0 +1,17 @@
+# This file managed by Puppet
+#
+# Standalone nginx config file intended for systems that utilize
+# letsencrypt certs for non-http protocols (smtps, ldaps, etc.) and do
+# not have an existing http server to include the acme challenge file.
+
+server {
+ listen 80;
+<%
+ server_name @facts['hostname'] @facts['fqdn'];
+-%>
+
+ include /etc/acme/challenge-nginx.conf;
+ location / {
+ return 403;
+ }
+}
--
To view, visit https://gerrit.wikimedia.org/r/375071
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I17fc758dc63973fba0c1d3ce1cfbba9299d17b79
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Herron <kher...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
