Open farazbyk opened 4 years ago
Hi, the general idea is that if you have a service, say ipa.farazbyk.com, you will set the parameter acme_certificate_domain
to that value. The role will then attempt to create a Let's Encrypt certificate using an http challenge to zone farazbyk.com,
which should be registered in Route53.
You can override this with the parameter acme_certificate_zone,
which is initialized in the defaults/main.yml file as:
acme_certificate_zone: "{{ acme_certificate_domain | split_with('.') | tail | join('.') }}"
All values for record creation are gathered automatically from the challenge starting at line 53 at https://github.com/nephelaiio/ansible-role-acme-certificate-route53/blob/master/tasks/main.yml
Hi, I want this certificate creation to work with FreeIPA. I have tested with HTTP and it is working fine, but that needs a public interface / Elastic IP on the EC2 instance.
In your Ansible role you define the zone name. Can you share how the zone from Route53 is identified and the TXT record added to it automatically?
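
A sketch of the flow the reply describes (derive the zone from the domain, then build the Route53 record from the values the challenge returns), written as an added example and not copied from the role's tasks/main.yml. It assumes a DNS-01 challenge, the `community.crypto` and `amazon.aws` collections, and placeholder key and CSR paths under `/etc/ssl/acme`.

```yaml
# Added example: not the role's own tasks. All paths are placeholders.
- name: Issue a certificate via a DNS-01 challenge answered in Route53
  hosts: localhost
  gather_facts: false
  vars:
    acme_certificate_domain: ipa.farazbyk.com
    # Zone = domain minus its first label (built-in filters only).
    # For deeper names (a.b.example.com) set acme_certificate_zone explicitly.
    acme_certificate_zone: "{{ acme_certificate_domain.split('.')[1:] | join('.') }}"
  module_defaults:
    community.crypto.acme_certificate:
      # Staging endpoint, so test runs do not hit production rate limits
      acme_directory: https://acme-staging-v02.api.letsencrypt.org/directory
      acme_version: 2
      terms_agreed: true
      challenge: dns-01
      account_key_src: /etc/ssl/acme/account.key
      csr: "/etc/ssl/acme/{{ acme_certificate_domain }}.csr"
      fullchain_dest: "/etc/ssl/acme/{{ acme_certificate_domain }}.pem"
  tasks:
    - name: Request the challenge (first pass)
      community.crypto.acme_certificate: {}
      register: acme_challenge

    - name: Publish the challenge token as a TXT record in the hosted zone
      amazon.aws.route53:
        state: present
        zone: "{{ acme_certificate_zone }}"
        record: "{{ dns01.record }}"          # _acme-challenge.<domain>
        type: TXT
        ttl: 60
        value: '"{{ dns01.resource_value }}"' # TXT values must be quoted
        overwrite: true
        wait: true                            # block until the change has propagated
      vars:
        dns01: "{{ acme_challenge.challenge_data[acme_certificate_domain]['dns-01'] }}"
      when: acme_challenge is changed

    - name: Ask the CA to validate and write the certificate (second pass)
      community.crypto.acme_certificate:
        data: "{{ acme_challenge }}"
      when: acme_challenge is changed
```

With a DNS-01 challenge the CA only queries DNS, so the FreeIPA host needs no public interface or Elastic IP. The AWS credentials used here can be scoped to listing and changing record sets in that one hosted zone.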