diff options
Diffstat (limited to 'roles/letsencrypt/files')
-rw-r--r-- | roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf b/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf deleted file mode 100644 index fb19d2a..0000000 --- a/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf +++ /dev/null @@ -1,86 +0,0 @@ -# For certificate issuance (new-cert command), specify the certificate -# configuration file to use -# -#config-certs = config/letsencrypt-certs.conf - -[client] -# The value of "socket" specifies the letsencrypt-accountd(1) -# UNIX-domain socket to connect to for signature requests from the ACME -# client. letsencrypt aborts if the socket is readable or writable by -# other users, or if its parent directory is writable by other users. -# Default: "$XDG_RUNTIME_DIR/S.letsencrypt" if the XDG_RUNTIME_DIR -# environment variable is set. -# -#socket = /run/user/1000/S.letsencrypt - -# username to drop privileges to (setting both effective and real uid). -# Preserve root privileges if the value is empty (not recommended). -# Default: "nobody". -# -user = letsencrypt - -# groupname to drop privileges to (setting both effective and real gid, -# and also setting the list of supplementary gids to that single group). -# Preserve root privileges if the value is empty (not recommended). -# -group = nogroup - -# Path to the ACME client executable. -#command = /usr/lib/letsencrypt-tiny/client - -# Root URI of the ACME server. NOTE: Use the staging server for testing -# as it has relaxed ratelimit. -# -#server = https://acme-v01.api.letsencrypt.org/ -#server = https://acme-staging.api.letsencrypt.org/ - -# Timeout in seconds after which the client stops polling the ACME -# server and considers the request failed. -# -#timeout = 10 - -# Whether to verify the server certificate chain. -SSL_verify = yes - -# Specify the version of the SSL protocol used to transmit data. -SSL_version = SSLv23:!TLSv1_1:!TLSv1:!SSLv3:!SSLv2 - -# Specify the cipher list for the connection. -SSL_cipher_list = EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL - - -[webserver] - -# Specify the local address to listen on, in the form ADDRESS[:PORT]. -# -#listen = 0.0.0.0:80 -#listen = [::]:80 - -# If a webserver is already running, specify a non-existent directory -# under which the webserver is configured to serve GET requests for -# challenge files under "/.well-known/acme-challenge/" (for each virtual -# hosts requiring authorization) as static files. -# -challenge-directory = /var/www/acme-challenge - -# username to drop privileges to (setting both effective and real uid). -# Preserve root privileges if the value is empty (not recommended). -# -user = www-data - -# groupname to drop privileges to (setting both effective and real gid, -# and also setting the list of supplementary gids to that single group). -# Preserve root privileges if the value is empty (not recommended). -# -user = www-data - -# Path to the ACME webserver executable. -#command = /usr/lib/letsencrypt-tiny/webserver - -# Whether to automatically install iptables(1) rules to open the -# ADDRESS[:PORT] specified with listen. Theses rules are automatically -# removed once letsencrypt exits. -# -#iptables = Yes - -; vim:ft=dosini |