summaryrefslogtreecommitdiffstats
path: root/roles/common
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2015-12-20 14:13:08 +0100
committerGuilhem Moulin <guilhem@fripost.org>2015-12-20 14:13:13 +0100
commitda2572ddb144086034eba1989ae909763e95c680 (patch)
treed3374338793592412ca1b10fb4fc20068a392c4e /roles/common
parent01e59771866559cc13a58800282617d04cb286a6 (diff)
Use the Let's Encrypt CA for our public certs.
Diffstat (limited to 'roles/common')
-rw-r--r--roles/common/handlers/main.yml3
-rw-r--r--roles/common/tasks/main.yml3
2 files changed, 6 insertions, 0 deletions
diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index a852c4d..07047c7 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -52,3 +52,6 @@
- name: Restart freshclam
service: name=clamav-freshclam state=restarted
+
+- name: Install LetsEncrypt's ACME client
+ apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 470a6b2..955493a 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -45,6 +45,9 @@
- rsync
- screen
- telnet-ssl
+ # for letencrypt
+ - liblwp-protocol-https-perl
+ - socat
# XXX: this is a workaround the CAcert root CAs not being present in
# Jessie. In stretch, we would merely install the 'ca-cacert' package.