support multiple names for one cert and select authenticator based on variable - Githubissues

thefinn93 / ansible-letsencrypt

An ansible role to generate TLS certificates and get them signed by Let's Encrypt

GNU General Public License v3.0

442 stars 122 forks source link

support multiple names for one cert and select authenticator based on variable #5

Closed rngadam closed 8 years ago

rngadam commented 8 years ago

fixes:

missing hostname parameter (-d)
uses a list of hosts instead of just the first host
selects between web authenticator and standalone based on the variable being present or not

thefinn93 commented 8 years ago

the first two are not broken, they are that way intentionally:

-d is just specified in {{ letsencrypt_command }} using a for loop, which works in a way that is more friendly for the rate limits (i believe are currently 5 certs per week per second level domain or something). By requesting multiple names for one cert instead of one cert per name, we deplete the rate limit less quickly. It gets stored in a folder named by the first domain in the list.

I like the third one, if you can take the other stuff out i'll accept

thefinn93 commented 8 years ago

shit, I accidently hit the close button... :/

thefinn93 commented 8 years ago

More info on the rate limiting stuff.

rngadam commented 8 years ago

modified to work both nicely with the rate limit and the authenticator selection

also made the virtualenv install for Debian only (fails on Ubuntu)

thefinn93 commented 8 years ago

If Ubuntu doesn't have the package names of Debian, than Ubuntu should get a special case. Also, it should be a separate pull request. Once again, the multiple domain thing is handled in defaults.yml, which builds them into letsencrypt_command. Please make one pull request per change so they can each be discussed individually.

thefinn93 commented 8 years ago

Can I assume this should be closed in favor of #8?

rngadam commented 8 years ago

sure