From 2e90b46d0f959ea94659ae587d83dd1c8d31935c Mon Sep 17 00:00:00 2001
From: Antony <antony@cantoute.com>
Date: Mon, 7 Mar 2022 23:48:39 -0400
Subject: [PATCH] .gitignore - ignore certbot keys

storing certbot/letsencrypt keys in the repo takes considerable space when having many domains over time
I have not fully tested yet, but with those rules we should still keep trace of certbot setup,  at disaster this should be good enough to  re-create all new certificates at once.

and obviously is a security risk
---
 update-ignore.d/01update-ignore | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/update-ignore.d/01update-ignore b/update-ignore.d/01update-ignore
index 25fdfac..df8c0df 100755
--- a/update-ignore.d/01update-ignore
+++ b/update-ignore.d/01update-ignore
@@ -144,6 +144,12 @@ writefile () {
 	ignore "#*#"
 	ignore DEADJOE
 
+	comment "ignore certbot/letsencrypt certs"
+	ignore letsencrypt/keys
+	ignore letsencrypt/archive
+	ignore letsencrypt/live
+	ignore letsencrypt/csr
+
 	nl
 	comment "end section $managed_by_etckeeper"
 }