man.rst 2.64 KB
Newer Older
1 2 3 4 5 6
cdist-type__letsencrypt_cert(7)
===============================

NAME
----

lubo's avatar
lubo committed
7
cdist-type__letsencrypt_cert - Get an SSL certificate from Let's Encrypt
8 9 10 11

DESCRIPTION
-----------

lubo's avatar
lubo committed
12
Automatically obtain a Let's Encrypt SSL certificate using Certbot.
13 14 15 16

REQUIRED PARAMETERS
-------------------

17 18 19 20
object id
    A cert name. If domain parameter is not specified then it is used
    as a domain to be included in the certificate.

21
admin-email
lubo's avatar
lubo committed
22
    Where to send Let's Encrypt emails like "certificate needs renewal".
23

24 25 26
OPTIONAL PARAMETERS
-------------------

lubo's avatar
lubo committed
27 28 29 30 31 32 33 34 35 36 37
state
    'present' or 'absent', defaults to 'present' where:

    present
        if the certificate does not exist, it will be obtained
    absent
        the certificate will be removed

webroot
    The path to your webroot, as set up in your webserver config. If this
    parameter is not present, Certbot will be run in standalone mode.
38 39 40

OPTIONAL MULTIPLE PARAMETERS
----------------------------
lubo's avatar
lubo committed
41

42
renew-hook
lubo's avatar
lubo committed
43 44
    Renew hook command directly passed to Certbot in cron job.

45 46 47 48
domain
    Domains to be included in the certificate. When specified then object id
    is not used as a domain.

lubo's avatar
lubo committed
49 50 51 52 53 54 55 56 57 58 59 60 61
BOOLEAN PARAMETERS
------------------

automatic-renewal
    Install a cron job, which attempts to renew certificates daily.

staging
    Obtain a test certificate from a staging server.

MESSAGES
--------

change
andrewschleifer's avatar
andrewschleifer committed
62
    Certificate was changed.
lubo's avatar
lubo committed
63 64

create
andrewschleifer's avatar
andrewschleifer committed
65
    Certificate was created.
lubo's avatar
lubo committed
66 67

remove
andrewschleifer's avatar
andrewschleifer committed
68
    Certificate was removed.
69

70 71 72 73 74
EXAMPLES
--------

.. code-block:: sh

75 76 77 78 79 80 81 82 83 84 85
    # use object id as domain
    __letsencrypt_cert example.com \
        --admin-email root@example.com \
        --automatic-renewal \
        --renew-hook "service nginx reload" \
        --webroot /data/letsencrypt/root

.. code-block:: sh

    # domain parameter is specified so object id is not used as domain
    # and example.com needs to be included again with domain parameter
lubo's avatar
lubo committed
86 87 88 89 90 91 92 93
    __letsencrypt_cert example.com \
        --admin-email root@example.com \
        --automatic-renewal \
        --domain example.com \
        --domain foo.example.com \
        --domain bar.example.com \
        --renew-hook "service nginx reload" \
        --webroot /data/letsencrypt/root
94 95 96

AUTHORS
-------
lubo's avatar
lubo committed
97

Darko Poljak's avatar
Darko Poljak committed
98 99 100
| Nico Schottelius <nico-cdist--@--schottelius.org>
| Kamila Součková <kamila--@--ksp.sk>
| Darko Poljak <darko.poljak--@--gmail.com>
lubo's avatar
lubo committed
101
| Ľubomír Kučera <lubomir.kucera.jr at gmail.com>
102 103 104

COPYING
-------
lubo's avatar
lubo committed
105 106 107 108 109

Copyright \(C) 2017-2018 Nico Schottelius, Kamila Součková, Darko Poljak and
Ľubomír Kučera. You can redistribute it and/or modify it under the terms of
the GNU General Public License as published by the Free Software Foundation,
either version 3 of the License, or (at your option) any later version.