-
Hahn Axel (hahn) authoredHahn Axel (hahn) authored
20_Configuration.md 3.21 KiB
Configuration default file
Copy inc_config.sh.dist to inc_config.sh and make your settings.
Variables for DNS api access
See https://github.com/acmesh-official/acme.sh/wiki/dnsapi
- set the env vars of your dns provider
- add provider in ACME_Params='--dns [PROVIDER]'
# -- for infoblox access
# export Infoblox_Creds='[user]:[Passwort]'
# export Infoblox_Server='infoblox.localhost'
# export ACME_Params='--dns dns_infoblox'Note: you should use single quotes for credentials to prevent unwanted variable expansion.
Settings for wrapper cm.sh
| variable | type | description | value |
|---|---|---|---|
| ACME | string | location of acme client; relative to cm.sh or as full path | ../acme.sh/acme.sh |
| ACME_params | string | parameters for acme client: dns, debugging, staging | |
| CM_diracme | string | location of certificate data; relative to cm.sh or as full path | ./certs |
| CM_certmatch | regex | matcher to identify domains with dns access; all other domains will use dns alias mode | ".example.com" |
| CM_challenge_alias | string | domain for validation with dns alias mode | "example.com" |
| CM_user | string | force a user to execute cm.sh | default: none (=any user can run cm.sh) |
inc_config.sh.dist
# ======================================================================
#
# add dns credentials and default params here
#
# ======================================================================
# ----------------------------------------------------------------------
# DNS API
# see https://github.com/acmesh-official/acme.sh/wiki/dnsapi
# - set the env vars of your dns provider
# - add provider in ACME_Params='--dns [PROVIDER]'
# ----------------------------------------------------------------------
# -- for infoblox access
# export Infoblox_Creds='[user]:[Passwort]'
# export Infoblox_Server='infoblox.localhost'
# export ACME_Params='--dns dns_infoblox'
# ----------------------------------------------------------------------
# general settings
# ----------------------------------------------------------------------
# set path to acme.sh
export ACME=../acme.sh/acme.sh
# activate LE staging server for testing ... uncomment it for development
# and testing purposes
# export ACME_Params="$ACME_Params --staging"
# activate debugging in acme.sh commands
# export ACME_Params="$ACME_Params --debug"
# where to write certificate data
# export CM_diracme="./certs"
# check domain names before creating a new certificate
# It is used for faster rejection of a hostname or alias for which you
# have no permission
# export CM_certmatch="\.example\.com"
# if a host is not matching CM_certmatch we will use authentication
# with an alias domain
# export CM_challenge_alias="example.com"
# optional: force a user to execute cm.sh
# this is for a central installation with a software deployment
# like Ansible or puppet; default: none (=any user can run cm.sh)
# export CM_user="ansible"
# ----------------------------------------------------------------------