# Configuration default file Copy inc_config.sh.dist to inc_config.sh and make your settings. ## Variables for DNS api access See https://github.com/acmesh-official/acme.sh/wiki/dnsapi * set the env vars of your dns provider * add provider in ACME_Params='--dns [PROVIDER]' ```txt # -- for infoblox access # export Infoblox_Creds='[user]:[Passwort]' # export Infoblox_Server='infoblox.localhost' # export ACME_Params='--dns dns_infoblox' ``` Note: you should use single quotes for credentials to prevent unwanted variable expansion. ## Settings for wrapper cm.sh | variable | type | description | value | |--------------------|--------|------------------------------------------------------------|-------| | ACME | string | location of acme client; relative to cm.sh or as full path | ../acme.sh/acme.sh | | ACME_params | string | parameters for acme client: dns, debugging, staging | | | CM_diracme | string | location of certificate data; relative to cm.sh or as full path | ./certs | | CM_certmatch | regex | matcher to identify domains with dns access; all other domains will use dns alias mode | "\.example\.com" | | CM_challenge_alias | string | domain for validation with dns alias mode | "example.com" | | CM_user | string | force a user to execute cm.sh | default: none (=any user can run cm.sh) | ## inc_config.sh.dist ```sh # ====================================================================== # # add dns credentials and default params here # # ====================================================================== # ---------------------------------------------------------------------- # DNS API # see https://github.com/acmesh-official/acme.sh/wiki/dnsapi # - set the env vars of your dns provider # - add provider in ACME_Params='--dns [PROVIDER]' # ---------------------------------------------------------------------- # -- for infoblox access # export Infoblox_Creds='[user]:[Passwort]' # export Infoblox_Server='infoblox.localhost' # export ACME_Params='--dns dns_infoblox' # ---------------------------------------------------------------------- # general settings # ---------------------------------------------------------------------- # set path to acme.sh export ACME=../acme.sh/acme.sh # activate LE staging server for testing ... uncomment it for development # and testing purposes # export ACME_Params="$ACME_Params --staging" # activate debugging in acme.sh commands # export ACME_Params="$ACME_Params --debug" # where to write certificate data # export CM_diracme="./certs" # check domain names before creating a new certificate # It is used for faster rejection of a hostname or alias for which you # have no permission # export CM_certmatch="\.example\.com" # if a host is not matching CM_certmatch we will use authentication # with an alias domain # export CM_challenge_alias="example.com" # optional: force a user to execute cm.sh # this is for a central installation with a software deployment # like Ansible or puppet; default: none (=any user can run cm.sh) # export CM_user="ansible" # ---------------------------------------------------------------------- ```