diff options
Diffstat (limited to 'theos/certs')
-rw-r--r-- | theos/certs/gallery_remmy_foo.sls | 28 | ||||
-rw-r--r-- | theos/certs/init.sls | 21 | ||||
-rw-r--r-- | theos/certs/kyriasis_com.sls | 12 | ||||
-rw-r--r-- | theos/certs/pie_in_the_sky_kitchen.sls | 18 | ||||
-rw-r--r-- | theos/certs/remmy_foo.sls | 18 | ||||
-rw-r--r-- | theos/certs/vault_kyriasis_com.sls | 17 |
6 files changed, 107 insertions, 7 deletions
diff --git a/theos/certs/gallery_remmy_foo.sls b/theos/certs/gallery_remmy_foo.sls new file mode 100644 index 0000000..a417240 --- /dev/null +++ b/theos/certs/gallery_remmy_foo.sls @@ -0,0 +1,28 @@ +include: + - nginx + +gallery.remmy.foo: + acme.cert: + - email: johannes@kyriasis.com + - webroot: /srv/http/ + - keysize: 4096 + - renew: 30 + + - watch_in: + - service: nginx_service + - require_in: + - service: nginx_service + +gallery-static.remmy.foo: + acme.cert: + - email: johannes@kyriasis.com + - webroot: /srv/http/ + - keysize: 4096 + - renew: 30 + + - watch_in: + - service: nginx_service + - require_in: + - service: nginx_service + +# vim: set ft=yaml et: diff --git a/theos/certs/init.sls b/theos/certs/init.sls index 82b7907..79b34de 100644 --- a/theos/certs/init.sls +++ b/theos/certs/init.sls @@ -1,16 +1,23 @@ include: - - .kyriasis_com - - .theos_kyriasis_com - - .xan_kyriasis_com + - .actual_kyriasis_com - .git_kyriasis_com - - .taskd_kyriasis_com - - .miniflux_kyriasis_com - .grafana_kyriasis_com + - .kyriasis_com + - .miniflux_kyriasis_com - .prometheus_kyriasis_com - .repsys_kyriasis_com - - .remmy_io + - .taskd_kyriasis_com + - .theos_kyriasis_com + - .vault_kyriasis_com + - .xan_kyriasis_com + + - .gallery_remmy_foo + - .remmy_foo + - .gallery_remmy_io - - .actual_kyriasis_com + - .remmy_io + + - .pie_in_the_sky_kitchen /etc/letsencrypt/archive: file.directory: diff --git a/theos/certs/kyriasis_com.sls b/theos/certs/kyriasis_com.sls index 68bb7ab..b2f0ca0 100644 --- a/theos/certs/kyriasis_com.sls +++ b/theos/certs/kyriasis_com.sls @@ -3,6 +3,8 @@ include: kyriasis.com: acme.cert: + - aliases: + - www.kyriasis.com - email: johannes@kyriasis.com - webroot: /srv/http/ - keysize: 4096 @@ -27,4 +29,14 @@ kyriasis.com: - group: synapse - mode: 600 +prosody-access-kyriasis.com-cert: + acl.present: + - name: /etc/letsencrypt/archive/kyriasis.com/ + - acl_type: user + - acl_name: prosody + - perms: r-x + - recurse: True + - require_in: + - acme: kyriasis.com + # vim: set ft=yaml et: diff --git a/theos/certs/pie_in_the_sky_kitchen.sls b/theos/certs/pie_in_the_sky_kitchen.sls new file mode 100644 index 0000000..79182b1 --- /dev/null +++ b/theos/certs/pie_in_the_sky_kitchen.sls @@ -0,0 +1,18 @@ +include: + - nginx + +pie-in-the-sky.kitchen: + acme.cert: + - aliases: + - www.pie-in-the-sky.kitchen + - email: johannes@kyriasis.com + - webroot: /srv/http/ + - keysize: 4096 + - renew: 30 + + - watch_in: + - service: nginx_service + - require_in: + - service: nginx_service + +# vim: set ft=yaml et: diff --git a/theos/certs/remmy_foo.sls b/theos/certs/remmy_foo.sls new file mode 100644 index 0000000..588c05d --- /dev/null +++ b/theos/certs/remmy_foo.sls @@ -0,0 +1,18 @@ +include: + - nginx + +remmy.foo: + acme.cert: + - aliases: + - www.remmy.foo + - email: johannes@kyriasis.com + - webroot: /srv/http/ + - keysize: 4096 + - renew: 30 + + - watch_in: + - service: nginx_service + - require_in: + - service: nginx_service + +# vim: set ft=yaml et: diff --git a/theos/certs/vault_kyriasis_com.sls b/theos/certs/vault_kyriasis_com.sls new file mode 100644 index 0000000..ae7dfca --- /dev/null +++ b/theos/certs/vault_kyriasis_com.sls @@ -0,0 +1,17 @@ +include: + - nginx + +vault.kyriasis.com: + acme.cert: + - email: johannes@kyriasis.com + - webroot: /srv/http/ + - keysize: 4096 + - renew: 30 + + - watch_in: + - service: nginx_service + - require_in: + - service: nginx_service + + +# vim: set ft=yaml et: |