From 1204730924436ef9e1c7c49c9557837f9a5ed0e8 Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Wed, 8 Feb 2023 00:40:09 -0800
Subject: fork https://github.com/mattsta/mailweb

---
 ansible/inventory/host_vars/webby/certs.yml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 ansible/inventory/host_vars/webby/certs.yml

(limited to 'ansible/inventory/host_vars/webby/certs.yml')

diff --git a/ansible/inventory/host_vars/webby/certs.yml b/ansible/inventory/host_vars/webby/certs.yml
new file mode 100644
index 0000000..c38b80d
--- /dev/null
+++ b/ansible/inventory/host_vars/webby/certs.yml
@@ -0,0 +1,23 @@
+---
+certs:
+  # Copy only these private keys and certs from ansible into the system
+  keyTypes:
+    - rsa2048
+    - prime256v1
+
+# requested can EITHER be:
+# - just a list of hostnames (then we depoly all 'keyTypes' for each hostname)
+# - or, a mapping of, e.g.:
+#   - host: example1.com
+#     type: rsa2048
+#   - host: example1.com
+#     type: prime256v1
+  required:
+    - example1.com
+    - example2.com
+    - example3.com
+
+  # These users have ansible-controlled ssh private keys
+  # (mainly for automated backups right now)
+  sshKeysForUsers: []
+  #  - root
-- 
cgit v1.2.3