110 lines
2.6 KiB
Text
110 lines
2.6 KiB
Text
|
cdist-type__letsencrypt_cert(7)
|
||
|
===============================
|
||
|
|
||
|
NAME
|
||
|
----
|
||
|
|
||
|
cdist-type__letsencrypt_cert - Get an SSL certificate from Let's Encrypt
|
||
|
|
||
|
DESCRIPTION
|
||
|
-----------
|
||
|
|
||
|
Automatically obtain a Let's Encrypt SSL certificate using Certbot.
|
||
|
|
||
|
REQUIRED PARAMETERS
|
||
|
-------------------
|
||
|
|
||
|
object id
|
||
|
A cert name. If domain parameter is not specified then it is used
|
||
|
as a domain to be included in the certificate.
|
||
|
|
||
|
admin-email
|
||
|
Where to send Let's Encrypt emails like "certificate needs renewal".
|
||
|
|
||
|
OPTIONAL PARAMETERS
|
||
|
-------------------
|
||
|
|
||
|
state
|
||
|
'present' or 'absent', defaults to 'present' where:
|
||
|
|
||
|
present
|
||
|
if the certificate does not exist, it will be obtained
|
||
|
absent
|
||
|
the certificate will be removed
|
||
|
|
||
|
webroot
|
||
|
The path to your webroot, as set up in your webserver config. If this
|
||
|
parameter is not present, Certbot will be run in standalone mode.
|
||
|
|
||
|
OPTIONAL MULTIPLE PARAMETERS
|
||
|
----------------------------
|
||
|
|
||
|
renew-hook
|
||
|
Renew hook command directly passed to Certbot in cron job.
|
||
|
|
||
|
domain
|
||
|
Domains to be included in the certificate. When specified then object id
|
||
|
is not used as a domain.
|
||
|
|
||
|
BOOLEAN PARAMETERS
|
||
|
------------------
|
||
|
|
||
|
automatic-renewal
|
||
|
Install a cron job, which attempts to renew certificates daily.
|
||
|
|
||
|
staging
|
||
|
Obtain a test certificate from a staging server.
|
||
|
|
||
|
MESSAGES
|
||
|
--------
|
||
|
|
||
|
change
|
||
|
Certificate was changed.
|
||
|
|
||
|
create
|
||
|
Certificate was created.
|
||
|
|
||
|
remove
|
||
|
Certificate was removed.
|
||
|
|
||
|
EXAMPLES
|
||
|
--------
|
||
|
|
||
|
.. code-block:: sh
|
||
|
|
||
|
# use object id as domain
|
||
|
__letsencrypt_cert example.com \
|
||
|
--admin-email root@example.com \
|
||
|
--automatic-renewal \
|
||
|
--renew-hook "service nginx reload" \
|
||
|
--webroot /data/letsencrypt/root
|
||
|
|
||
|
.. code-block:: sh
|
||
|
|
||
|
# domain parameter is specified so object id is not used as domain
|
||
|
# and example.com needs to be included again with domain parameter
|
||
|
__letsencrypt_cert example.com \
|
||
|
--admin-email root@example.com \
|
||
|
--automatic-renewal \
|
||
|
--domain example.com \
|
||
|
--domain foo.example.com \
|
||
|
--domain bar.example.com \
|
||
|
--renew-hook "service nginx reload" \
|
||
|
--webroot /data/letsencrypt/root
|
||
|
|
||
|
AUTHORS
|
||
|
-------
|
||
|
|
||
|
| Nico Schottelius <nico-cdist--@--schottelius.org>
|
||
|
| Kamila Součková <kamila--@--ksp.sk>
|
||
|
| Darko Poljak <darko.poljak--@--gmail.com>
|
||
|
| Ľubomír Kučera <lubomir.kucera.jr at gmail.com>
|
||
|
|
||
|
COPYING
|
||
|
-------
|
||
|
|
||
|
Copyright \(C) 2017-2018 Nico Schottelius, Kamila Součková, Darko Poljak and
|
||
|
Ľubomír Kučera. You can redistribute it and/or modify it under the terms of
|
||
|
the GNU General Public License as published by the Free Software Foundation,
|
||
|
either version 3 of the License, or (at your option) any later version.
|