nyacme/README.md

50 lines
1.3 KiB
Markdown
Raw Permalink Normal View History

2024-07-23 12:27:27 +00:00
# nyacme
*a uacme wrapper that maybe probably doesn't suck too much*
2024-07-23 12:36:26 +00:00
usage:
```
usage: nyacme [-h] [-c CONFIG] [-o OUTPUT]
fun uacme wrapper
options:
-h, --help show this help message and exit
-c CONFIG, --config CONFIG
path to your config file (default: /etc/nyacme.toml)
-o OUTPUT, --output OUTPUT
path to the certificate output directory (default: /etc/ssl/uacme)
```
2024-07-23 12:27:27 +00:00
example configuration:
```toml
post_acquire = [
"doas service haproxy reload"
]
certificates = [
"ptrc.gay",
"*.dev.ptrc.gay"
]
[domains]
"ptrc.gay" = "hetzner"
[secrets]
hetzner = "your_secret_goes_here"
```
configuration options:
- `post_acquire` - list of commands to be ran after a new certificate is acquired
- `certificates` - list of CNs for the desired certificates (note: `*.domain.tld` also adds a `domain.tld` CN)
- `domains` - dict of domains and their respective providers (note: it is expected that a domain is also the root of the zone)
- `secrets` - dict of secrets to be used by providers; *usually* with the same name as provider itself
- `acme_path` - string, path to your `.well-known/acme-challenge/`
currently implemented providers:
- `cloudflare`
- `hetzner`
- `http`
- `porkbun` (with secrets `porkbun.apikey` and `porkbun.secretapikey`)
2024-07-27 17:59:44 +00:00
- `he` ( hurricane electric )