feat: update README, update configuration files for improved validation
This commit is contained in:
Twirre Meulenbelt
@@ -49,13 +49,13 @@ Update the inventory and variables first, especially:
|
||||
Run a syntax check:
|
||||
|
||||
```bash
|
||||
.venv/bin/ansible-playbook --syntax-check site.yml
|
||||
ansible-playbook --syntax-check site.yml
|
||||
```
|
||||
|
||||
Run the playbook:
|
||||
|
||||
```bash
|
||||
.venv/bin/ansible-playbook site.yml
|
||||
ansible-playbook site.yml
|
||||
```
|
||||
|
||||
## Notes
|
||||
@@ -63,3 +63,7 @@ Run the playbook:
|
||||
- nginx falls back to snakeoil certificates until a matching ACME certificate already exists on disk.
|
||||
- If you enable `certbot_manage_certificates`, run the playbook a second time after the first successful issuance so nginx can switch to the live certificates automatically.
|
||||
- ACME issuance is disabled by default through `certbot_manage_certificates: false` so the first provisioning run can complete before DNS and public reachability are finalized.
|
||||
|
||||
## Future plans
|
||||
|
||||
- [ ] Encryption for non-boot files with LUKS (/home, /srv, /var/lib/<my-services>).
|
||||
|
||||
Reference in New Issue
Block a user