summaryrefslogtreecommitdiffstats
path: root/roles/letsencrypt/files
diff options
context:
space:
mode:
Diffstat (limited to 'roles/letsencrypt/files')
-rw-r--r--roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf86
1 files changed, 0 insertions, 86 deletions
diff --git a/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf b/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf
deleted file mode 100644
index fb19d2a..0000000
--- a/roles/letsencrypt/files/etc/letsencrypt-tiny/letsencrypt.conf
+++ /dev/null
@@ -1,86 +0,0 @@
-# For certificate issuance (new-cert command), specify the certificate
-# configuration file to use
-#
-#config-certs = config/letsencrypt-certs.conf
-
-[client]
-# The value of "socket" specifies the letsencrypt-accountd(1)
-# UNIX-domain socket to connect to for signature requests from the ACME
-# client. letsencrypt aborts if the socket is readable or writable by
-# other users, or if its parent directory is writable by other users.
-# Default: "$XDG_RUNTIME_DIR/S.letsencrypt" if the XDG_RUNTIME_DIR
-# environment variable is set.
-#
-#socket = /run/user/1000/S.letsencrypt
-
-# username to drop privileges to (setting both effective and real uid).
-# Preserve root privileges if the value is empty (not recommended).
-# Default: "nobody".
-#
-user = letsencrypt
-
-# groupname to drop privileges to (setting both effective and real gid,
-# and also setting the list of supplementary gids to that single group).
-# Preserve root privileges if the value is empty (not recommended).
-#
-group = nogroup
-
-# Path to the ACME client executable.
-#command = /usr/lib/letsencrypt-tiny/client
-
-# Root URI of the ACME server. NOTE: Use the staging server for testing
-# as it has relaxed ratelimit.
-#
-#server = https://acme-v01.api.letsencrypt.org/
-#server = https://acme-staging.api.letsencrypt.org/
-
-# Timeout in seconds after which the client stops polling the ACME
-# server and considers the request failed.
-#
-#timeout = 10
-
-# Whether to verify the server certificate chain.
-SSL_verify = yes
-
-# Specify the version of the SSL protocol used to transmit data.
-SSL_version = SSLv23:!TLSv1_1:!TLSv1:!SSLv3:!SSLv2
-
-# Specify the cipher list for the connection.
-SSL_cipher_list = EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL
-
-
-[webserver]
-
-# Specify the local address to listen on, in the form ADDRESS[:PORT].
-#
-#listen = 0.0.0.0:80
-#listen = [::]:80
-
-# If a webserver is already running, specify a non-existent directory
-# under which the webserver is configured to serve GET requests for
-# challenge files under "/.well-known/acme-challenge/" (for each virtual
-# hosts requiring authorization) as static files.
-#
-challenge-directory = /var/www/acme-challenge
-
-# username to drop privileges to (setting both effective and real uid).
-# Preserve root privileges if the value is empty (not recommended).
-#
-user = www-data
-
-# groupname to drop privileges to (setting both effective and real gid,
-# and also setting the list of supplementary gids to that single group).
-# Preserve root privileges if the value is empty (not recommended).
-#
-user = www-data
-
-# Path to the ACME webserver executable.
-#command = /usr/lib/letsencrypt-tiny/webserver
-
-# Whether to automatically install iptables(1) rules to open the
-# ADDRESS[:PORT] specified with listen. Theses rules are automatically
-# removed once letsencrypt exits.
-#
-#iptables = Yes
-
-; vim:ft=dosini