DebOps Logo
v1.0.0

Introduction

  • Documentation overview
  • Quick start
  • Frequently Asked Questions
  • Community
  • DebOps philosophy
  • Timeline
  • Other projects
  • References

News

  • Stable releases
  • Changelog
  • Upgrade notes

User Guide

  • DebOps installation
  • DebOps for Ansible users
  • Project directories
  • The Site playbook
  • DebOps CLI
  • Script configuration
  • Debugging tips

Admin Guide

  • Host preparation
  • Common configuration
  • Development network
  • Basic virtualization
  • Basic mail server
  • DebOps OID Registry

Developer Guide

  • DebOps Enhancement Proposals
  • Development model
  • Monorepo layout
  • Code standards
  • Software sources
  • Project roadmap

Tester Guide

  • Test methodology
  • Travis CI tests
  • GitLab CI tests
  • Vagrant documentation
  • Jane documentation
  • Testinfra documentation

Ansible Roles

  • DebOps role index
  • Ansible roles included in DebOps
    • debops.ansible
    • debops.ansible_plugins
    • debops.apache
    • debops.apt
    • debops.apt_cacher_ng
    • debops.apt_install
    • debops.apt_listchanges
    • debops.apt_mark
    • debops.apt_preferences
    • debops.apt_proxy
    • debops.atd
    • debops.auth
    • debops.authorized_keys
    • debops.avahi
    • debops.core
    • debops.cran
    • debops.cron
    • debops.cryptsetup
    • debops.debops
    • debops.debops_api
    • debops.debops_fact
    • debops.debops_legacy
    • debops.dhcp_probe
    • debops.dhcpd
    • debops.dhparam
    • debops.dnsmasq
    • debops.docker
    • debops.docker_gen
    • debops.docker_registry
    • debops.dokuwiki
    • debops.dovecot
    • debops.elastic_co
    • debops.elasticsearch
    • debops.environment
    • debops.etc_aliases
    • debops.etc_services
    • debops.etckeeper
    • debops.etherpad
    • debops.fail2ban
    • debops.fcgiwrap
    • debops.ferm
    • debops.freeradius
    • debops.gitlab
    • debops.gitlab_runner
    • debops.golang
    • debops.grub
    • debops.gunicorn
    • debops.hashicorp
    • debops.icinga
    • debops.icinga_db
    • debops.icinga_web
    • debops.ifupdown
    • debops.ipxe
    • debops.iscsi
    • debops.java
    • debops.kibana
    • debops.kmod
    • debops.ldap
    • debops.librenms
    • debops.libvirt
    • debops.libvirtd
    • debops.libvirtd_qemu
    • debops.locales
    • debops.logrotate
    • debops.lvm
    • debops.lxc
    • debops.machine
    • debops.mailman
    • debops.mariadb
    • debops.mariadb_server
    • debops.memcached
    • debops.monit
    • debops.mosquitto
    • debops.mount
    • debops.netbase
    • debops.netbox
    • debops.nfs
    • debops.nfs_server
    • debops.nginx
    • debops.nodejs
    • debops.nslcd
    • debops.nsswitch
    • debops.ntp
    • debops.nullmailer
    • debops.opendkim
    • debops.owncloud
    • debops.pam_access
    • debops.persistent_paths
    • debops.php
    • debops.phpipam
    • debops.pki
      • Introduction
      • Getting started
      • PKI realms structure
      • Internal Certificate Authorities
      • ACME Integration
      • External certificates
      • debops.pki default variables
      • Default variable details
      • System CA certificates
      • Custom file management
      • Custom hook scripts
      • Ansible integration
      • Copyright
    • debops.postconf
    • debops.postfix
    • debops.postgresql
    • debops.postgresql_server
    • debops.postscreen
    • debops.postwhite
    • debops.preseed
    • debops.proc_hidepid
    • debops.prosody
    • debops.python
    • debops.rabbitmq_management
    • debops.rabbitmq_server
    • debops.radvd
    • debops.redis_sentinel
    • debops.redis_server
    • debops.resources
    • debops.root_account
    • debops.roundcube
    • debops.rsnapshot
    • debops.rstudio_server
    • debops.rsyslog
    • debops.ruby
    • debops.salt
    • debops.saslauthd
    • debops.secret
    • debops.slapd
    • debops.snmpd
    • debops.sshd
    • debops.stunnel
    • debops.sudo
    • debops.swapfile
    • debops.sysctl
    • debops.sysfs
    • debops.sysnews
    • debops.system_groups
    • debops.system_users
    • debops.tcpwrappers
    • debops.tftpd
    • debops.tgt
    • debops.tinc
    • debops.unattended_upgrades
    • debops.unbound
    • debops.users
    • debops.yadm

DebOps API

  • DebOps API

Old documentation

  • DebOps scripts
  • DebOps playbooks
  • DebOps Guidelines and Policies
  • DebOps philosophy
DebOps
  • Docs »
  • Ansible roles included in DebOps »
  • debops.pki
  • Edit on GitHub

debops.pkiΒΆ

  • Introduction
    • Installation
  • Getting started
    • Initial configuration
    • Useful global parameters
    • Example inventory
    • Example playbook
  • PKI realms structure
    • PKI realm overview
    • The application view
    • Example nginx configuration
    • The PKI realm directory structure
    • How a PKI realm is created
  • Internal Certificate Authorities
    • Layout of Certificate Authorities
    • Security of an internal CA
  • ACME Integration
    • Prerequisites
    • Let's Encrypt rate limits
    • How ACME certificates are managed
    • Certificate renewal
    • Example: Certificate for apex domain and subdomains
    • Example: Certificate for subdomains excluding the apex domain
    • ACME configuration variables
  • External certificates
    • Required files
    • Static private keys and certificates
    • Certificates managed by a custom script
  • debops.pki default variables
    • Global PKI configuration
    • Automatic Certificate Management Environment
    • Required software packages
    • Directory, file and user/group configuration
    • Certificate sign times
    • Configuration of PKI Realms
    • Internal Certificate Authorities
    • Custom file management
    • System-wide CA Certificates
  • Default variable details
    • pki_private_groups_present
    • pki_realms
    • pki_authorities
  • System CA certificates
    • Configuration of system CA certificates
    • Local Root CA certificates
  • Custom file management
    • Examples
  • Custom hook scripts
    • Execution environment
    • Known script states
    • Example nginx hook
  • Ansible integration
  • Copyright
Next Previous

© Copyright 2014-2018, Maciej Delmanowski, Nick Janetakis, Robin Schneider Revision 963080de.

Built with Sphinx using a theme provided by Read the Docs.
Read the Docs v: v1.0.0
Versions
v1.0.0
v0.8.1
v0.8.0
v0.7.2
stable-1.0
master
Downloads
On Read the Docs
Project Home
Builds
Free document hosting provided by Read the Docs.