Let's Encrypt certificate renewal API for server cluster and getssl.


//RuhNet LEAPI Config file
//configDir set by environment variable LEAPI_CONFDIR, otherwise assumed to be /opt/leapi or ./
//NOTE(review): this file uses // comments, which strict JSON parsers reject; presumably the LEAPI loader strips them -- confirm before feeding it to other tools.
//This file carries an API secret key and an AMQP URI with embedded credentials: once real values are filled in, keep it out of version control and readable only by the account LEAPI runs as.
{
"hostname":"web1.mydomain.net", //hostname or IP of this particular server; MUST match the server you add to LEAPI. You can use "-" to use the system hostname (must be resolvable by other LEAPI systems).
"primary_domain":"mydomain.net", //the main base domain that is always present; can NOT be a wildcard domain
"srv_dir":"/opt/leapi", //LEAPI installed directory
"sync_type":"https", //method of transferring files between LEAPI hosts. "ssh" or "https"
"username":"leapi", //the username to use for file transfer (applies to either http or ssh)
"secret_key":"SecReT_KeY-4API-AuThenTiCaTiON", //placeholder value: replace with a long, randomly generated secret before deployment. NOTE(review): presumably the key used for API authentication between LEAPI hosts -- confirm.
"log_file":"/var/log/leapi.log", //path of the LEAPI log file
"debug":false, //NOTE(review): before enabling, check that debug output does not write secret_key or the AMQP credentials to log_file -- confirm.
"frontend_url":"admin.mydomain.net", //the frontend URL, if any (for CORS). Use "-" if none.
"http_server_port":"-", //set to 80 if you are not using a separate web server or proxy. "-" will assume port 80.
"https_server_enable":true, //set to false to disable HTTPS listener (for initial setup, or for using a separate web server/proxy)
"https_server_port":"-", //the port your HTTPS server is running on, whether LEAPI or an external web server/proxy. Set to "-" for default (port 443)
"tls_cert_path_prefix":"/etc/ssl/leapi/cert", //file paths DO NOT INCLUDE EXTENSION. "/etc/ssl/cert" will write files "/etc/ssl/cert01.crt", "/etc/ssl/cert02.crt", etc.
"tls_key_path_prefix":"/etc/ssl/leapi/privkey", //prefix for private key files (no extension, as for tls_cert_path_prefix); the directory should be readable only by root and the services that need the keys.
"tls_chain_path_prefix":"/etc/ssl/leapi/chain", //prefix for chain files (no extension)
"tls_fullpem_path_prefix":"/etc/ssl/leapi/fullpem", //prefix for full PEM files (no extension). NOTE(review): if the full PEM bundles the private key, protect it like tls_key_path_prefix -- confirm.
"tls_ca_path_prefix":"/etc/ssl/leapi/ca", //prefix for CA files (no extension)
"max_domains_per_cert":100, //100 max
"enable_kazoo_amqp":false, //enable custom communication with Kazoo over AMQP for DNS record creation
"kazoo_amqp_uri":"amqp://guest:guest@localhost:5672", //AMQP_URI. The sample uses the guest:guest account over plaintext amqp://; when enable_kazoo_amqp is true, use a dedicated broker account and, for a non-local broker, a TLS URI (amqps://) if the client supports it.
"amqp_testmessage_path":"/tmp/message.json", //path to JSON file to publish as test on receiving SIGUSR2. /tmp is normally writable by every local user, so prefer a path only the LEAPI account can write.
"letsencrypt_validation_path":"-", //if "-", LEAPI handles this IF you don't use a separate web server
"renew_allow_days":"60", //NOTE(review): presumably the number of days before expiry in which renewal is allowed -- confirm. This value is a quoted string, unlike the other numeric settings.
"check_port":"443", //the port/service to check to verify cert installation (https/imap/imaps/xmpp/ftp/smtp)
"check_wait_time":10, //how long to delay (in seconds) before checking the port (allow time for service restarts)
"production":false, //if false, the staging LE server will be used. Set true to use the rate limited real server.
"reload_command":"systemctl reload leapi ; systemctl restart nginx" //NOTE(review): presumably run through a shell after certificates are installed (the sample chains two commands with ';') -- confirm. Whoever can edit this file controls the command that runs, so keep the file writable only by root or the LEAPI account.
}