plantroon/acme.sh
1
0
Fork 0
mirror of https://github.com/plantroon/acme.sh.git synced 2024-11-08 15:31:45 +00:00
Code Issues Projects Releases Wiki Activity

Documentation updates

Browse Source
This commit is contained in:
David Kerr 2017-02-08 21:13:00 -05:00
parent 1a5989350f
commit e3feac3fd8
1 changed files with 11 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
deploy/README.md
View File

@ -11,9 +11,7 @@ acme.sh --deploy -d example.com --deploy-hook ssh
```
Prior to running this for the first time you must tell the plugin where
and how to deploy the certificates. This is done by exporting the following
environment variables.
This is not required for subsequent runs as the
environment variables. This is not required for subsequent runs as the
values are stored by acme.sh in the domain configuration files.
Required...
@ -32,8 +30,8 @@ export ACME_DEPLOY_SSH_FULLCHAIN=""
export ACME_DEPLOY_SSH_REMOTE_CMD="/etc/init.d/stunnel.sh restart"
export ACME_DEPLOY_SSH_SERVICE_START=""
```
The values used above are illustrative only and represent those used
to deploy certificates to a QNAP NAS device running QTS 4.2
The values used above are illustrative only and represent those that could
be used to deploy certificates to a QNAP NAS device running QTS 4.2
###ACME_DEPLOY_SSH_USER
Username at the remote host that SSH will login with. Note that
@ -44,40 +42,37 @@ can login to USER@URL from the host running acme.sh before using this script.
The USER@URL at the remote server must also have has permissions to write to
the target location of the certificate files and to execute any commands
(e.g. to stop/start services).
###ACME_DEPLOY_SSH_SERVER
URL or IP Address of the remote server. If not provided then the domain
name provided on the acme.sh --deploy command line is used.
###ACME_DEPLOY_SSH_PORT
Port number that SSH will attempt to connect to at the remote server. If
not specified then defaults to 22.
not provided then defaults to 22.
###ACME_DEPLOY_SSH_SERVICE_STOP
Command to execute on the remote server prior to copying any certificates. This
would typically be used to stop the service for which the certificates are
being deployed.
###ACME_DEPLOY_SSH_KEYFILE
Target filename for the private key issued by LetsEncrypt.
###ACME_DEPLOY_SSH_CERTFILE
Target filename for the certificate issued by LetsEncrypt. If this filename
is the same as that provided for ACME_DEPLOY_SSH_KEYFILE then this certificate
is appended to the same file as the private key.
###ACME_DEPLOY_SSH_CAFILE
Target filename for the CA intermediate certificate issued by LetsEncrypt.
###ACME_DEPLOY_SSH_FULLCHAIN
These four variables identify the target location for the respective
certificates issued by LetsEncrypt. Directory path and filenames are those
on the remote server and the SSH user must have write permissions.
Target filename for the fullchain certificate issued by LetsEncrypt.
###ACME_DEPLOY_SSH_REMOTE_CMD
Command to execute on the remote server after copying any certificates. This
could be any additional command required prior to starting the service again,
or could be a all-inclusive restart (stop and start of service). If
ACME_DEPLOY_SSH_SERVICE_STOP value was provided then a 2 second sleep is
inserted prior to calling this command to allow the system to stabalize.
###ACME_DEPLOY_SSH_SERVICE_START
Command to execute on the remote server after copying any certificates. This
would typically be used to stop the service for which the certificates are
being deployed. If ACME_DEPLOY_SSH_SERVICE_STOP or ACME_DEPLOY_SSH_REMOTE_CMD
value were provided then a 2 second sleep is inserted prior to calling
values were provided then a 2 second sleep is inserted prior to calling
this command to allow the system to stabalize.
##Backups