From 850275469f7da1a9829edfe45bd40b40d3cc6a02 Mon Sep 17 00:00:00 2001
From: Matthew Fennell
Date: Wed, 15 May 2024 23:09:01 +0100
Subject: Delegate certificate management to acme project

Although this playbook originally installed certificates to the server, this turned out to be a bad idea, because the playbook could in some circumstances (if the acme project had already renewed the certs) have installed a different certificate to the remote server. By delegating responsibility to the acme server fully, this should prevent any such issues, as well as potential DANE misconfigurations.

--- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'README.md') diff --git a/README.md b/README.md index a00ca65..c12d825 100644 --- a/README.md +++ b/README.md @@ -105,6 +105,14 @@ make staging make prod ``` +## External tools + +Certificates are generally managed by the `acme` project. In particular, +although this playbook does set the DANE hash based on the certificates found +on the `acme` server, it does not directly install any itself. This is to +prevent the playbook from overwriting already-renewed certifictes, that the +playbook is not aware of. + ## Git hooks We provide sample git hooks in the `hooks` directory. To use these, ensure the -- cgit v1.2.3
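Review bot: the added "External tools" paragraph in this hunk has a typo and a comma splice in `+prevent the playbook from overwriting already-renewed certifictes, that the` / `+playbook is not aware of.`; it should read "already-renewed certificates that the playbook is not aware of". More substantively, the paragraph states that the DANE hash is set from the certificates found on the `acme` server while installation of those certificates now happens outside this playbook, but it does not say what guarantees that the certificate being hashed is the one the remote server actually presents. If the acme project renews and deploys a certificate between playbook runs, the TLSA record this playbook publishes will no longer match the served certificate, which is the same mismatch the commit message says the change is meant to avoid. Suggest the paragraph document when the DANE hash is regenerated (for example on every run) and that the acme project is expected to deploy exactly the certificate it holds, and that it name or link the `acme` project, since the text refers to both an "`acme` project" and an "`acme` server" without saying what they are.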