This is a Let's Encrypt authenticator module for authenticating any site
that Varnish sits in front of. The most obvious use would be if you have
some sort of backend CMS that's not easy to get to serve arbitrary files,
or if you have some sort of complicated rewriting in place in your VCL.
It works by rewriting your VCL file to intercept the http-01 auth requests
and synthesizing the responses.

The code is ugly, has tons of lint errors and relies on a number of assumptions
(such as your VCL being in /etc/default/varnish.vcl). Patches accepted to clean
it up. Please back up your VCL configuratoin before use.

To use:

 1. Install letsencrypt as usual, with letsencrypt-auto.

 2. Activate the venv:

    . ~/.local/share/letsencrypt/bin/activate

 3. Install the module:

    pip install -e path/to/this/letsencrypt-varnish

 4. Ask for a certificate:

    sudo ~/.local/share/letsencrypt/bin/letsencrypt --agree-dev-preview --server https://acme-v01.api.letsencrypt.org/directory -a letsencrypt-varnish-plugin:varnish -d <domain> certonly  


Varnish itself does not support SSL, so the module is just for authentication,
just installation. There is a Hitch installation module at

  https://git.sesse.net/?p=letsencrypt-hitch-plugin;a=summary

The Varnish authenticator plugin is licensed under the same terms as the Let's
Encrypt client itself.

  - Steinar H. Gunderson <steinar+letsencrypt@gunderson.no>