Add matrix.kyriasis.com cert

author: Johannes Löthberg <johannes@kyriasis.com> 2017-01-10 16:32:21 +0000
committer: Johannes Löthberg <johannes@kyriasis.com> 2017-01-10 16:32:21 +0000
commit: 537bfdd77291e7480b1be782a678002811aec8bf (patch)
tree: d2a76ae9d9faaedf03ed6183fbc1d3d4a8513c42
parent: 0b401848cab2ff281f6ada57784858182e4c3123 (diff)
download: file-537bfdd77291e7480b1be782a678002811aec8bf.tar.xz
2 files changed, 26 insertions, 0 deletions
diff --git a/theos/certs/init.sls b/theos/certs/init.sls
index 9e6647b..69999e7 100644
--- a/theos/certs/init.sls
+++ b/theos/certs/init.sls
@@ -2,6 +2,7 @@ include:
   - .theos_kyriasis_com
   - .xan_kyriasis_com
   - .git_kyriasis_com
+  - .matrix_kyriasis_com
 
 /etc/letsencrypt/archive:
   file.directory:
diff --git a/theos/certs/matrix_kyriasis_com.sls b/theos/certs/matrix_kyriasis_com.sls
new file mode 100644
index 0000000..efdffe5
--- /dev/null
+++ b/theos/certs/matrix_kyriasis_com.sls
@@ -0,0 +1,25 @@
+include:
+  - nginx.ng
+
+matrix.kyriasis.com:
+  acme.cert:
+    - email: johannes@kyriasis.com
+    - webroot: /srv/http/
+    - keysize: 4096
+
+    - watch_in:
+      - service: nginx_service
+    - require_in:
+      - service: nginx_service
+
+synapse-access-matrix:
+  acl.present:
+    - name: /etc/letsencrypt/archive/matrix.kyriasis.com/
+    - acl_type: user
+    - acl_name: synapse
+    - perms: r-x
+    - recurse: True
+    - require_in:
+      - acme: matrix.kyriasis.com
+
+# vim: set ft=yaml et:
author	Johannes Löthberg <johannes@kyriasis.com>	2017-01-10 16:32:21 +0000
committer	Johannes Löthberg <johannes@kyriasis.com>	2017-01-10 16:32:21 +0000
commit	537bfdd77291e7480b1be782a678002811aec8bf (patch)
tree	d2a76ae9d9faaedf03ed6183fbc1d3d4a8513c42
parent	0b401848cab2ff281f6ada57784858182e4c3123 (diff)
download	file-537bfdd77291e7480b1be782a678002811aec8bf.tar.xz