Support letsencrypt proxy validation via CNAMEs

Allows to point other domains' `_acme-challenge.example.com` entries at `example.com.letsencrypt.kosmos.chat` so we can validate from our side without access to the other domain's DNS records. Used for 5apps.com XMPP for now. Can be used for others later. Co-authored-by: Greg Karékinian <greg@karekinian.com>
2024-03-11 16:15:12 +01:00
parent 21de964e1b
commit 4a8ab3abe3
3 changed files with 48 additions and 24 deletions
--- a/data_bags/credentials/gandi_api_5apps.json
+++ b/data_bags/credentials/gandi_api_5apps.json
@@ -1,9 +1,17 @@
 {
  "id": "gandi_api_5apps",
  "key": {
-    "encrypted_data": "+tcD9x5MkNpf2Za5iLM7oTGrmAXxuWFEbyg4xrcWypSkSTjdIncOfD1UoIoS\nGzy1\n",
-    "iv": "ymls2idI/PdiRZCgsulwrA==\n",
-    "version": 1,
-    "cipher": "aes-256-cbc"
+    "encrypted_data": "AGYIkLdbnU3+O6OxGsFyLpZtTw531s2dbRC4Lik+8NYp3l4P0UMM2Pqf0g==\n",
+    "iv": "kPRHGpLwNIC3MpES\n",
+    "auth_tag": "wKth2tA+JxILFIKppHLDJg==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
+  },
+  "access_token": {
+    "encrypted_data": "+tKKFcWV0CZ5wEB/No5hou5+p1llsUkq7AXBvfnA7xsgbpa2q8AX/2UFf9Cf\nGtd9om1CeJJtz+o4ceA=\n",
+    "iv": "hLJSV77DQtqXZDbV\n",
+    "auth_tag": "8xgyudyDk4hq16LRkykGhQ==\n",
+    "version": 3,
+    "cipher": "aes-256-gcm"
  }
 }