From 537bfdd77291e7480b1be782a678002811aec8bf Mon Sep 17 00:00:00 2001
From: Johannes Löthberg <johannes@kyriasis.com>
Date: Tue, 10 Jan 2017 16:32:21 +0000
Subject: Add matrix.kyriasis.com cert

---
 theos/certs/init.sls                |  1 +
 theos/certs/matrix_kyriasis_com.sls | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 theos/certs/matrix_kyriasis_com.sls

diff --git a/theos/certs/init.sls b/theos/certs/init.sls
index 9e6647b..69999e7 100644
--- a/theos/certs/init.sls
+++ b/theos/certs/init.sls
@@ -2,6 +2,7 @@ include:
   - .theos_kyriasis_com
   - .xan_kyriasis_com
   - .git_kyriasis_com
+  - .matrix_kyriasis_com
 
 /etc/letsencrypt/archive:
   file.directory:
diff --git a/theos/certs/matrix_kyriasis_com.sls b/theos/certs/matrix_kyriasis_com.sls
new file mode 100644
index 0000000..efdffe5
--- /dev/null
+++ b/theos/certs/matrix_kyriasis_com.sls
@@ -0,0 +1,25 @@
+include:
+  - nginx.ng
+
+matrix.kyriasis.com:
+  acme.cert:
+    - email: johannes@kyriasis.com
+    - webroot: /srv/http/
+    - keysize: 4096
+
+    - watch_in:
+      - service: nginx_service
+    - require_in:
+      - service: nginx_service
+
+synapse-access-matrix:
+  acl.present:
+    - name: /etc/letsencrypt/archive/matrix.kyriasis.com/
+    - acl_type: user
+    - acl_name: synapse
+    - perms: r-x
+    - recurse: True
+    - require_in:
+      - acme: matrix.kyriasis.com
+
+# vim: set ft=yaml et:
-- 
cgit v1.2.3-54-g00ecf