iankelling.org
/
git
/
basic-https-conf
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
43857c5
)
slightly better docs
author
Ian Kelling
<ian@iankelling.org>
Wed, 26 Apr 2017 15:57:46 +0000
(08:57 -0700)
committer
Ian Kelling
<ian@iankelling.org>
Wed, 26 Apr 2017 15:57:46 +0000
(08:57 -0700)
web-conf
patch
|
blob
|
history
diff --git
a/web-conf
b/web-conf
index 08d1c047f2bd649da80745acc075af18359a10a2..4dc3974f38d4dc04f79593268c69562d8b2e8bf8 100755
(executable)
--- a/
web-conf
+++ b/
web-conf
@@
-25,7
+25,11
@@
usage() {
Usage: ${0##*/} [OPTIONS] [EXTRA_SETTINGS_FILE] apache2|nginx DOMAIN
apache/nginx config & let's encrypt
Usage: ${0##*/} [OPTIONS] [EXTRA_SETTINGS_FILE] apache2|nginx DOMAIN
apache/nginx config & let's encrypt
-If using tls then it expects certbot to be installed and in PATH.
+If using tls then it expects certbot to be installed and in PATH. Also,
+certbot cronjob should be taken care of outside this script. In the
+debian package, it installs a systemd timer, which I (Ian Kelling) use
+and modify to email me on failure. You can see how I do this in my git
+repo distro-setup, and log-quiet.
EXTRA_SETTINGS_FILE can be - for stdin
EXTRA_SETTINGS_FILE can be - for stdin
@@
-115,7
+119,7
@@
if $ssl; then
# when generating an example config, add all relevant security options:
# --hsts --staple-ocsp --uir
certbot certonly -n --must-staple --email $email --no-self-upgrade \
# when generating an example config, add all relevant security options:
# --hsts --staple-ocsp --uir
certbot certonly -n --must-staple --email $email --no-self-upgrade \
- --agree-tos --$
t
-d $h
+ --agree-tos --$
{t%2}
-d $h
rm $vhost_file
fi
fi
rm $vhost_file
fi
fi