For the needs of an upcoming project, which I'll describe in a later post, I needed to automate public access configuration for existing web applications. In other words, I needed to automate proxy vhost configuration, TLS termination and DNS registration on a given domain. What is presented here has been used on a simple libvirt/KVM architecture (managed as described in my latest post).
The workflow is as follows:
- deploy the DNS entry
- deploy the nginx vhost for the given webapp and domain name (allowing access to the .well-known directory for Let's Encrypt HTTP-based authentication and authorization)
- ask for a Let's Encrypt certificate
- retrieve the certificate and configure the tcp/443 vhost with TLS
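
A sketch of the vhost and certificate steps of this workflow, as an added example that is not code from the original post. It assumes certbot in webroot mode with its default `/etc/letsencrypt/live/<domain>/` layout; the function names, `app.example.org`, the webroot path and the upstream URL are constructed for illustration, and DNS registration is left out because it depends on the provider.

```shell
#!/bin/sh
# Added example, not the post's code. Assumes certbot in webroot mode and
# certbot's default /etc/letsencrypt/live/<domain>/ layout.
LC_ALL=C; export LC_ALL

# Accept only plain lowercase DNS names, so the value is safe to template
# into nginx config and file paths (rejects spaces, ';', newlines, '/').
valid_domain() {
    case "$1" in ''|*[!a-z0-9.-]*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$'
}

# Stage 1: port 80 only, serving challenge files from the ACME webroot.
render_http_vhost() {  # $1=domain $2=webroot $3=upstream URL
    valid_domain "$1" || { echo "invalid domain" >&2; return 1; }
    cat <<EOF
server {
    listen 80;
    server_name $1;
    location ^~ /.well-known/acme-challenge/ { root $2; default_type text/plain; }
    location / { proxy_pass $3; }
}
EOF
}

# Certificate request issued once stage 1 is live (printed, not executed here).
cert_request_cmd() {  # $1=domain $2=webroot $3=contact e-mail
    valid_domain "$1" || { echo "invalid domain" >&2; return 1; }
    printf 'certbot certonly --webroot -w %s -d %s --non-interactive --agree-tos -m %s\n' "$2" "$1" "$3"
}

# Stage 2: TLS vhost, rendered only after the certificate files exist.
render_tls_vhost() {  # $1=domain $2=upstream URL
    valid_domain "$1" || { echo "invalid domain" >&2; return 1; }
    cat <<EOF
server {
    listen 443 ssl;
    server_name $1;
    ssl_certificate /etc/letsencrypt/live/$1/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    location / { proxy_pass $2; }
}
EOF
}
```

The port 80 vhost stays deployed after stage 2 so that webroot renewals can still answer the HTTP challenge.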
Here are the components I used: