Commit 02f7997a authored by Annika Backstrom's avatar Annika Backstrom

draft post: friday, october 13, 2017

parent a3fa574e
Title: Friday, October 13, 2017
Slug: friday-october-13-2017
Summary: summary
Date: 2017-10-13 21:30
Category: Personal
Tags: ansible, twitter
Status: draft
What would I write about, if I couldn't blast out low-effort Twitter posts [for a
## Provisioning, Ansbile, and Let's Encrypt
I'm on a years-long, on-and-off quest to move some services off a 9+
year old Linode. This mostly means putting my web configs into git and
Ansible and ensuring I can deploy those configs to new hosts. The most
recent headaches were from HTTPS: [Let's Encrypt][3] has lowered the
barrier to entry (at least after I [said goodbye][4] to StartSSL) but the
easy-to-use HTTP challenge wasn't a good fit for spinning up new vms.
**[certbot-route53][5]** is a handy script for generating [Let's Encrypt][3]
certs using DNS challenges. I want to bundle certs with my Ansible configs,
centralizing cert management and simplifying things for new hosts that can't
pass the http-01 challenge. certbot-route53 will let me update certs from my vm,
then push them out to all servers with one command.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment