add rule to allow certbot to work

author: Kevin Fenzi <kevin@scrye.com> 2017-04-25 17:50:55 +0000
committer: Kevin Fenzi <kevin@scrye.com> 2017-04-25 17:50:55 +0000
commit: 32b8553fe7a906531701db85f7b6ec75550ddc95 (patch)
tree: 04c705468b79ddd2d714d61d446074e2485582b3
parent: c90aae63c9af7ef8a9ca77d533ac8cbfa6ef89e9 (diff)
download: ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.tar.gz
ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.tar.xz
ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/keyserver/templates/sks.conf b/roles/keyserver/templates/sks.conf
index 8020dee3f..521249c9c 100644
--- a/roles/keyserver/templates/sks.conf
+++ b/roles/keyserver/templates/sks.conf
@@ -37,6 +37,11 @@ NameVirtualHost *:443
     Deny from all
 </Directory>
 
+<Directory /srv/web/acme-challenge/.well-known/>
+    require all granted
+    Allow from all
+</Directory>
+
 <VirtualHost *:80>
         ServerAdmin sysadmin-keys-members@fedoraproject.org
         ServerName keys.fedoraproject.org
author	Kevin Fenzi <kevin@scrye.com>	2017-04-25 17:50:55 +0000
committer	Kevin Fenzi <kevin@scrye.com>	2017-04-25 17:50:55 +0000
commit	32b8553fe7a906531701db85f7b6ec75550ddc95 (patch)
tree	04c705468b79ddd2d714d61d446074e2485582b3
parent	c90aae63c9af7ef8a9ca77d533ac8cbfa6ef89e9 (diff)
download	ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.tar.gz ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.tar.xz ansible-32b8553fe7a906531701db85f7b6ec75550ddc95.zip