Skip to content
Snippets Groups Projects

Configuration default file

Copy inc_config.sh.dist to inc_config.sh and make your settings.

Variables for DNS api access

See https://github.com/acmesh-official/acme.sh/wiki/dnsapi

  • set the env vars of your dns provider
  • add provider in ACME_Params='--dns [PROVIDER]'
# -- for infoblox access 
# export Infoblox_Creds='[user]:[Passwort]'
# export Infoblox_Server='infoblox.localhost'
# export ACME_Params='--dns dns_infoblox'

Note: you should use single quotes for credentials to prevent unwanted variable expansion.

Settings for wrapper cm.sh

variable type description value
ACME string location of acme client; relative to cm.sh or as full path ../acme.sh/acme.sh
ACME_params string parameters for acme client: dns, debugging, staging
CM_diracme string location of certificate data; relative to cm.sh or as full path ./certs
CM_certmatch regex matcher to identify domains with dns access; all other domains will use dns alias mode ".example.com"
CM_challenge_alias string domain for validation with dns alias mode "example.com"
CM_user string force a user to execute cm.sh default: none (=any user can run cm.sh)

inc_config.sh.dist

# ======================================================================
#
# add dns credentials and default params here
#
# ======================================================================


# ----------------------------------------------------------------------
# DNS API
# see https://github.com/acmesh-official/acme.sh/wiki/dnsapi
# - set the env vars of your dns provider
# - add provider in ACME_Params='--dns [PROVIDER]'
# ----------------------------------------------------------------------

# -- for infoblox access 
# export Infoblox_Creds='[user]:[Passwort]'
# export Infoblox_Server='infoblox.localhost'
# export ACME_Params='--dns dns_infoblox'


# ----------------------------------------------------------------------
# general settings
# ----------------------------------------------------------------------

# set path to acme.sh
export ACME=../acme.sh/acme.sh

# activate LE staging server for testing ... uncomment it for development
# and testing purposes
# export ACME_Params="$ACME_Params --staging"

# activate debugging in acme.sh commands
# export ACME_Params="$ACME_Params --debug"

# where to write certificate data
# export CM_diracme="./certs"

# check domain names before creating a new certificate
# It is used for faster rejection of a hostname or alias for which you
# have no permission
# export CM_certmatch="\.example\.com"

# if a host is not matching CM_certmatch we will use authentication
# with an alias domain
# export CM_challenge_alias="example.com"

# optional: force a user to execute cm.sh
# this is for a central installation with a software deployment
# like Ansible or puppet; default: none (=any user can run cm.sh)
# export CM_user="ansible"

# ----------------------------------------------------------------------