From 220fbe1701abb39c9aa3a3860538f7a4746761ea Mon Sep 17 00:00:00 2001 From: Paulo Coghi Date: Mon, 26 Jun 2023 17:10:23 +0200 Subject: [PATCH 1/2] Custom configuration instructions Added instructions on how to create a custom configuration template for domain configuration files --- README.md | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/README.md b/README.md index a356a0d..624ff66 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ for automating the process on remote servers. - [ISPConfig](#ispconfig) - [Automating updates](#automating-updates) - [Structure](#structure) +- [Custom template for configuration](#custom-template-for-configuration) - [Server-Types](#server-types) - [Revoke a certificate](#revoke-a-certificate) - [Elliptic curve keys](#elliptic-curve-keys) @@ -455,6 +456,42 @@ RELOAD_CMD="service apache2 reload" ``` +## Custom template for configuration + +You can create and customize a template that can be use to generate the `~/.getssl/yourdomain.com/getssl.cfg` config file, instead of the default one. + +Choose one of fhe following allowed locations, according to your getssl installation: + +```sh +/etc/getssl/getssl_default.cfg +/path/of/your/getssl/installation/getssl_default.cfg +~/.getssl/getssl_default.cfg + +``` + +And dedine the default values, optionally using the dynamic variables, as in the example below: + +```sh +# Additional domains - this could be multiple domains / subdomains in a comma separated list +# Note: this is Additional domains - so should not include the primary domain. +SANS="${EX_SANS}" + +ACL=('/home/myuser/${DOMAIN}/public_html/.well-known/acme-challenge') + +USE_SINGLE_ACL="true" + +RELOAD_CMD="sudo /bin/systemctl restart nginx.service" + +# Define the server type. This can be https, ftp, ftpi, imap, imaps, pop3, pop3s, smtp, +# smtps_deprecated, smtps, smtp_submission, xmpp, xmpps, ldaps or a port number which +# will be checked for certificate expiry and also will be checked after +# an update to confirm correct certificate is running (if CHECK_REMOTE) is set to true +SERVER_TYPE="https" +#CHECK_REMOTE="true" +CHECK_REMOTE_WAIT="1" # wait 1 second before checking the remote server + +``` + ## Server-Types OpenSSL has built-in support for getting the certificate from a number of SSL services From 255b0a160a9e4eb354ae74efd8e5eeddfd9ffb69 Mon Sep 17 00:00:00 2001 From: Paulo Coghi Date: Tue, 27 Jun 2023 07:15:38 +0200 Subject: [PATCH 2/2] Custom configuration instructions --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 624ff66..fdff257 100644 --- a/README.md +++ b/README.md @@ -460,7 +460,7 @@ RELOAD_CMD="service apache2 reload" You can create and customize a template that can be use to generate the `~/.getssl/yourdomain.com/getssl.cfg` config file, instead of the default one. -Choose one of fhe following allowed locations, according to your getssl installation: +Create one of fhe following allowed locations, according to your getssl installation: ```sh /etc/getssl/getssl_default.cfg @@ -469,7 +469,7 @@ Choose one of fhe following allowed locations, according to your getssl installa ``` -And dedine the default values, optionally using the dynamic variables, as in the example below: +And define the default values, optionally using the dynamic variables, as in the example below: ```sh # Additional domains - this could be multiple domains / subdomains in a comma separated list