mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2026-03-03 23:01:35 +01:00
Code Issues
master
infrastructure/roles/security_tracker/templates
History
Kristian Klausen 0991324392
Switch to nginx native ACME[1] where it makes sense 
It provides a better UX compared to certbot and is one less moving part.

The switch is done where it is possible and sensible. That is basically
all the places where nginx is the sole user of the certificate.

Certificates using the DNS-01 challenge (e.g. geo mirrors) or which are
used with stream (e.g. rsync over TLS) still require certbot as it is
currently not supported in the native integration[2][3].

[1] https://blog.nginx.org/blog/native-support-for-acme-protocol
[2] https://github.com/nginx/nginx-acme/issues/11
[3] https://github.com/nginx/nginx-acme/issues/13
2025-12-23 19:46:18 +01:00
..
20-user.local.conf.j2 keycloak: remove /auth from all Keycloak endpoints 2022-11-12 17:33:36 +02:00
nginx.d.conf.j2 Switch to nginx native ACME[1] where it makes sense 2025-12-23 19:46:18 +01:00
security-tracker.ini.j2 security_tracker: main module was renamed to tracker 2018-02-19 22:32:18 +01:00