rooty/fab-manager
1
0
Fork 0
mirror of https://github.com/LaCasemate/fab-manager.git synced 2024-11-28 09:24:24 +01:00
Code Issues Releases Activity

[ongoing] setup script

Browse Source
This commit is contained in:
Sylvain 2019-12-30 17:34:15 +01:00
parent 5b83fadcf9
commit aec3a57529
7 changed files with 247 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
doc/docker-compose_readme.md
View File

@ -9,15 +9,10 @@ You will need to be root through the rest of the setup.
##### Table of contents
1. [Preliminary steps](#preliminary-steps)<br/>
1.1. Setup the server<br/>
1.2. Setup the domain name<br/>
1.3. Connect through SSH<br/>
1.4. Prepare the server<br/>
1.5. Retrieve the initial configuration files<br/>
1.6. Setup folders and env file<br/>
1.7. Setup nginx configuration<br/>
1.8. SSL certificate with LetsEncrypt<br/>
1.9. Requirements
1.1. [Setup the server](#setup-the-server)<br/>
1.2. [Setup the domain name](#setup-the-domain-name)<br/>
1.3. [Connect through SSH](#connect-through-ssh)<br/>
1.4. [Prepare the server](#prepare-the-server)<br/>
2. [Install Fab-manager](#install-fabmanager)<br/>
2.1. Add docker-compose.yml file<br/>
2.2. pull images<br/>
@ -54,8 +49,8 @@ You will need at least 2GB of addressable memory (RAM + swap) to install and use
We recommend 4 GB RAM for larger communities.
On DigitalOcean, create a Droplet with One-click apps **"Docker on Ubuntu 16.04 LTS"**.
This way, Docker and Docker-compose are preinstalled.
Choose a datacenter and set the hostname as your domain name.
This way, Docker and Docker-compose are pre-installed.
Choose a datacenter and set your domain name as the hostname.
With other providers, choose a [supported operating system](../README.md#software-stack) and install docker on it:
- [Debian](https://docs.docker.com/engine/installation/linux/docker-ce/debian/)
@ -63,6 +58,7 @@ With other providers, choose a [supported operating system](../README.md#softwar
Then install [Docker Compose](https://docs.docker.com/compose/install/)
<a name="setup-the-domain-name"></a>
### Setup the domain name
There are many domain name registrars on the internet, you may choose one that fit your needs.
@ -72,11 +68,13 @@ You can find an exhaustive list [on the ICANN website](https://www.icann.org/reg
2. Replace the IP address of the domain with the IP address of your VPS (This is a DNS record type A)
3. **Do not** try to access your domain name right away, DNS are not aware of the change yet so **WAIT** and be patient.
<a name="connect-through-ssh"></a>
### Connect through SSH
You can already connect to the server with this command: `ssh root@server-ip`. When DNS propagation will be done, you will be able to
connect to the server with `ssh root@your-domain-name`.
<a name="prepare-the-server"></a>
### Prepare the server
Before installing fab-manager, we recommend you to:
@ -91,144 +89,23 @@ You can run the following script as root to easily perform all these operations:
\curl -sSL prepare-vps.sleede.com | bash
```
<a name="retrieve-config-files"></a>
### Retrieve the initial configuration files
```bash
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/docker/setup.sh | bash
# OR, if you don't want to install fab-manager in /apps/fabmanager, use:
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/docker/setup.sh | bash -s "/my/custom/path"
```
### Setup env file
Configure the environnement variables file:
```bash
cd /apps/fabmanager
vi config/env
# or use your favorite text editor instead of vi (nano, ne...)
```
You need to carefully configure each variable before starting fab-manager.
Please refer to the [environment configuration documentation](environment.md) for explanations about those variables.
### Setup nginx configuration
Edit the nginx configuration file:
```bash
vi config/nginx/fabmanager.conf
# or use your favorite text editor instead of vi (nano, ne...)
```
Customize the following values:
* Replace **MAIN_DOMAIN** (example: fab-manager.com).
### SSL certificate with LetsEncrypt
**FOLLOW THOSE INSTRUCTIONS ONLY IF YOU WANT TO USE SSL**.
If you want to host you Fab-manager instance through SSL (which is highly recommended), you must follow the following instructions.
Let's Encrypt is a Certificate Authority that is free, automated, and open.
Lets Encrypt certificates expire after 90 days, so automation of renewing your certificates is important.
Here is the setup for a systemd timer and service to renew the certificates and reboot the app Docker container:
Generate the dhparam.pem file
```bash
mkdir -p /apps/fabmanager/config/nginx/ssl
cd /apps/fabmanager/config/nginx/ssl
openssl dhparam -out dhparam.pem 4096
```
Customize the let's encrypt configuration file
```bash
vi letsencrypt/config/webroot.ini
# or use your favorite text editor instead of vi (nano, ne...)
```
Run `docker pull quay.io/letsencrypt/letsencrypt:latest`
Create file (with sudo) /etc/systemd/system/letsencrypt.service and paste the following configuration into it:
```systemd
[Unit]
Description=letsencrypt cert update oneshot
Requires=docker.service
[Service]
Type=oneshot
ExecStart=/usr/bin/docker run --rm --name certbot_fabmanager -v "/apps/fabmanager/letsencrypt:/etc/letsencrypt" certbot/certbot:latest -c "/etc/letsencrypt/config/webroot.ini" certonly
ExecStartPost=-/usr/bin/docker restart fabmanager_nginx_1
```
Create file (with sudo) /etc/systemd/system/letsencrypt.timer and paste the following configuration into it:
```systemd
[Unit]
Description=letsencrypt oneshot timer
Requires=docker.service
[Timer]
OnCalendar=*-*-1 06:00:00
Persistent=true
Unit=letsencrypt.service
[Install]
WantedBy=timers.target
```
That's all for the moment. Keep on with the installation, we'll complete that part after deployment in the [Generate SSL certificate by Let's encrypt](#generate-ssl-cert-letsencrypt).
### Requirements
Verify that Docker and Docker-composer are installed :
(This is normally the case if you used a pre-configured image.)
```bash
docker info
docker-compose -v
```
Otherwise, follow the instructions provided in the section [Setup the server](#setup-the-server) to install.
<a name="install-fabmanager"></a>
## Install Fabmanager
### Add docker-compose.yml file
### Setup script
You should already have a `docker-compose.yml` file in your app folder `/apps/fabmanager`.
Otherwise, see the section [Retrieve the initial configuration files](#retrieve-config-files) to get it.
The docker-compose commands must be launched from the folder `/apps/fabmanager`.
### pull images
Run the following command to retrieve the initial configuration files.
This script will also guide you through the installation process by checking the requirements and asking you some configuration elements.
```bash
docker-compose pull
\curl -sSL setup.fab-manager.com | bash
```
### setup database
**OR**, if you don't want to install fab-manager in `/apps/fabmanager`, use the following instead:
```bash
docker-compose run --rm fabmanager bundle exec rake db:create # create the database
docker-compose run --rm fabmanager bundle exec rake db:migrate # run all the migrations
# replace xxx with your default admin email/password
docker-compose run --rm -e ADMIN_EMAIL=xxx -e ADMIN_PASSWORD=xxx fabmanager bundle exec rake db:seed # seed the database
\curl -sSL setup.fab-manager.com | bash -s "/my/custom/path"
```
### build assets
`docker-compose run --rm fabmanager bundle exec rake assets:precompile`
### prepare Elasticsearch (search engine)
`docker-compose run --rm fabmanager bundle exec rake fablab:es:build_stats`
### start all services
`docker-compose up -d`
<a name="generate-ssl-cert-letsencrypt"></a>
### Generate SSL certificate by Let's encrypt
@ -240,20 +117,12 @@ sudo systemctl start letsencrypt.service
```
If the certificate was successfully generated, you must update the nginx configuration to activate the ssl port and certificate.
editing the file `/apps/fabmanager/config/nginx/fabmanager.conf`.
```bash
mv /apps/fabmanager/config/nginx/fabmanager.conf /apps/fabmanager/config/nginx/fabmanager.conf.nossl
cp /apps/fabmanager/config/nginx/fabmanager.conf.ssl /apps/fabmanager/config/nginx/fabmanager.conf
vi /apps/fabmanager/config/nginx/fabmanager.conf
# or use your favorite text editor instead of vi (nano, ne...)
mv /apps/fabmanager/config/nginx/fabmanager.conf.ssl /apps/fabmanager/config/nginx/fabmanager.conf
```
Customize the following values:
* Replace **MAIN_DOMAIN** (example: fab-manager.com).
* Replace **URL_WITH_PROTOCOL_HTTPS** (example: https://www.fab-manager.com).
* Replace **ANOTHER_URL_1**, **ANOTHER_URL_2** (example: .fab-manager.fr)
Remove your app container and run your app to apply the changes running the following commands:
Remove your app container and run your app again to apply the changes running the following commands:
```bash
docker-compose down
docker-compose up -d

1
doc/environment.md
View File

@ -30,7 +30,6 @@ When using docker-compose, you should provide the name of the service in your [d
POSTGRES_PASSWORD
Password for the PostgreSQL user, as specified in `database.yml` (default: `postgres`).
Please see [Setup the FabManager database in PostgreSQL](../README.md#setup-fabmanager-in-postgresql) for information on how to create a user and set his password.
This value is only used when deploying in production, otherwise this is configured in [config/database.yml](../config/database.yml.default).
When using docker-compose, the default configuration (with `postgres` user) does not uses any password as it is confined in the docker container.
<a name="REDIS_HOST"></a>

8
setup/letsencrypt.service Normal file
View File

@ -0,0 +1,8 @@
[Unit]
Description=letsencrypt cert update oneshot
Requires=docker.service
[Service]
Type=oneshot
ExecStart=/usr/bin/docker run --rm --name certbot_fabmanager -v "/apps/fabmanager/letsencrypt:/etc/letsencrypt" certbot/certbot:latest -c "/etc/letsencrypt/config/webroot.ini" certonly
ExecStartPost=-/usr/bin/docker restart fabmanager_nginx_1

11
setup/letsencrypt.timer Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=letsencrypt oneshot timer
Requires=docker.service
[Timer]
OnCalendar=*-*-1 06:00:00
Persistent=true
Unit=letsencrypt.service
[Install]
WantedBy=timers.target

6
setup/nginx_with_ssl.conf.example
View File

@ -8,8 +8,8 @@ server {
root /usr/src/app/public;
ssl on;
## with your ssl certificate
#ssl_certificate /etc/nginx/conf.d/ssl/MAIN_DOMAIN.crt;
#ssl_certificate_key /etc/nginx/conf.d/ssl/MAIN_DOMAIN.deprotected.key;
# ssl_certificate /etc/nginx/conf.d/ssl/MAIN_DOMAIN.crt;
# ssl_certificate_key /etc/nginx/conf.d/ssl/MAIN_DOMAIN.deprotected.key;
##
## with letsencrypt certificate (free)
ssl_certificate_key /etc/letsencrypt/live/MAIN_DOMAIN/privkey.pem;
@ -79,6 +79,6 @@ server {
server {
listen 80;
server_name MAIN_DOMAIN ANOTHER_DOMAIN_1 ANOTHER_DOMAIN_2;
server_name MAIN_DOMAIN ANOTHER_DOMAIN_1;
rewrite ^ URL_WITH_PROTOCOL_HTTPS$request_uri? permanent;
}

215
setup/setup.sh
View File

@ -1,23 +1,95 @@
#!/bin/bash
prepare_config()
DOMAINS=()
system_requirements()
{
if [ "$(whoami)" = "root" ]; then
echo "It is not recommended to run this script as root. As a normal user, elevation will be prompted if needed."
read -rp "Continue anyway? (Y/n) " confirm </dev/tty
if [[ "$confirm" = "n" ]]; then exit 1; fi
else
if ! command -v sudo; then
echo "Please install and configure sudo before running this script."
echo "sudo was not found, exiting..." && exit 1
fi
local _groups=("sudo" "docker")
for _group in "${_groups[@]}"; do
if ! groups | grep "$_group"; then
echo "Please add your current user to the $_group group."
echo "You can run the following as root: \"usermod -aG $_group $(whoami)\", then logout and login again"
echo "current user is misconfigured, exiting..." && exit 1
fi
done
fi
local _commands=("curl" "sed" "openssl" "docker" "docker-compose")
for _command in "${_commands[@]}"; do
echo "detecting $_command..."
if ! command -v "$_command"
then
echo "Please install $_command before running this script."
echo "$_command was not found, exiting..." && exit 1
fi
done
}
config()
{
echo 'We recommand nginx to serve the application over the network (internet). You can use your own solution or let this script install and configure nginx for fab-manager.'
read -rp 'Do you want install nginx? (Y/n) ' NGINX </dev/tty
if [ "$NGINX" != "n" ]; then
# if the user doesn't want nginx, let him use its own solution for HTTPS
echo "We recommand let's encrypt to secure the applicaion with HTTPS. You can use your own certificate or let this script install and configure let's encrypt for fab-manager."
read -rp "Do you want install let's encrypt? (Y/n) " LETSENCRYPT </dev/tty
if [ "$LETSENCRYPT" != "n" ]; then
read -rp "Let's encrypt requires an email address to receive notifications about certificate expiration. Please input a valid email address > " EMAIL </dev/tty
fi
# if the user doesn't want nginx, let him configure his own solution
echo "What's the domain name where the instance will be active (eg. fab-manager.com)?"
read_domain
MAIN_DOMAIN=("${DOMAINS[0]}")
OTHER_DOMAINS=${DOMAINS[*]/$MAIN_DOMAIN}
fi
}
read_domain()
{
read -rp 'Please input the domain name > ' domain </dev/tty
DOMAINS+=("$domain")
read -rp 'Do you have any other domain (eg. www.fab-manager.com)? (y/N)' confirm </dev/tty
if [ "$confirm" == "y" ]; then
read_domain
fi
}
prepare_files()
{
FABMANAGER_PATH=${1:-/apps/fabmanager}
mkdir -p "$FABMANAGER_PATH/config/nginx/ssl"
mkdir -p "$FABMANAGER_PATH/letsencrypt/config"
mkdir -p "$FABMANAGER_PATH/letsencrypt/etc/webrootauth"
mkdir -p "$FABMANAGER_PATH/elasticsearch/config"
# fab-manager environment variables
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/env.example > "$FABMANAGER_PATH/config/env"
# nginx configuration
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/nginx_with_ssl.conf.example > "$FABMANAGER_PATH/config/nginx/fabmanager.conf.ssl"
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/nginx.conf.example > "$FABMANAGER_PATH/config/nginx/fabmanager.conf"
if [ "$NGINX" = "y" ]; then
mkdir -p "$FABMANAGER_PATH/config/nginx"
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/nginx_with_ssl.conf.example > "$FABMANAGER_PATH/config/nginx/fabmanager.conf.ssl"
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/nginx.conf.example > "$FABMANAGER_PATH/config/nginx/fabmanager.conf"
fi
# let's encrypt configuration
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/webroot.ini.example > "$FABMANAGER_PATH/letsencrypt/config/webroot.ini"
if [ "$LETSENCRYPT" = "y" ]; then
mkdir -p "$FABMANAGER_PATH/letsencrypt/config"
mkdir -p "$FABMANAGER_PATH/letsencrypt/systemd"
mkdir -p "$FABMANAGER_PATH/letsencrypt/etc/webrootauth"
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/webroot.ini.example > "$FABMANAGER_PATH/letsencrypt/config/webroot.ini"
# temp systemd files
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/letsencrypt.service > "$FABMANAGER_PATH/letsencrypt/systemd/letsencrypt.service"
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/letsencrypt.timer > "$FABMANAGER_PATH/letsencrypt/systemd/letsencrypt.timer"
fi
# ElasticSearch configuration files
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/elasticsearch.yml > "$FABMANAGER_PATH/elasticsearch/config/elasticsearch.yml"
@ -27,11 +99,136 @@ prepare_config()
\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/setup/docker-compose.yml > "$FABMANAGER_PATH/docker-compose.yml"
}
prepare_nginx()
{
if [ "$NGINX" != "n" ]; then
sed -i.bak "s/MAIN_DOMAIN/${MAIN_DOMAIN[0]}/g" "$FABMANAGER_PATH/config/nginx/fabmanager.conf"
sed -i.bak "s/MAIN_DOMAIN/${MAIN_DOMAIN[0]}/g" "$FABMANAGER_PATH/config/nginx/fabmanager.conf.ssl"
sed -i.bak "s/ANOTHER_DOMAIN_1/$OTHER_DOMAINS/g" "$FABMANAGER_PATH/config/nginx/fabmanager.conf.ssl"
sed -i.bak "s/URL_WITH_PROTOCOL_HTTPS/https://${MAIN_DOMAIN[0]}/g" "$FABMANAGER_PATH/config/nginx/fabmanager.conf.ssl"
fi
}
prepare_letsencrypt()
{
mkdir -p "$FABMANAGER_PATH/config/nginx/ssl"
echo "Now, we will generate a Diffie-Hellman (DH) 4096 bits encryption key, to encrypt connections. This will take a moment, please wait..."
openssl dhparam -out "$FABMANAGER_PATH/config/nginx/ssl/dhparam.pem" 4096
sed -i.bak "s/REPLACE_WITH_YOUR@EMAIL.COM/$EMAIL/g" "$FABMANAGER_PATH/letsencrypt/config/webroot.ini"
sed -i.bak "s/MAIN_DOMAIN/${MAIN_DOMAIN[0]}/g" "$FABMANAGER_PATH/letsencrypt/config/webroot.ini"
sed -i.bak "s/ANOTHER_DOMAIN_1/$OTHER_DOMAINS/g" "$FABMANAGER_PATH/letsencrypt/config/webroot.ini"
docker pull certbot/certbot:latest
sed -i.bak "s:/apps/fabmanager:$FABMANAGER_PATH:g" "$FABMANAGER_PATH/letsencrypt/systemd/letsencrypt.service"
sudo cp "$FABMANAGER_PATH/letsencrypt/systemd/letsencrypt.service" /etc/systemd/system/letsencrypt.service
sudo cp "$FABMANAGER_PATH/letsencrypt/systemd/letsencrypt.timer" /etc/systemd/system/letsencrypt.timer
}
prepare_docker()
{
cd "$FABMANAGER_PATH" && docker-compose pull
}
get_md_anchor()
{
local md_file="$1"
local anchor="$2"
local section
section=$(echo "$md_file" | sed -n "/<a name=\"$anchor/,/<a name=/p" | tail -n +2)
if [[ $(echo section | tail -n -1) == *"<a name="* ]]; then
section=$(echo section | head -n -1)
fi
echo "$section"
}
configure_env_file()
{
echo "We will now configure the environment variables."
echo "This allows you to customize Fab-Manager's appearance and behavior."
read -rp "Proceed? (Y/n)" confirm </dev/tty
if [ "$confirm" = "n" ]; then return; fi
local doc, variables, secret
doc=$(\curl -sSL https://raw.githubusercontent.com/sleede/fab-manager/master/doc/environment.md)
variables=(STRIPE_API_KEY STRIPE_PUBLISHABLE_KEY STRIPE_CURRENCY INVOICE_PREFIX FABLAB_WITHOUT_PLANS FABLAB_WITHOUT_SPACES FABLAB_WITHOUT_ONLINE_PAYMENT FABLAB_WITHOUT_INVOICES \
PHONE_REQUIRED EVENTS_IN_CALENDAR SLOT_DURATION DEFAULT_MAIL_FROM DELIVERY_METHOD DEFAULT_HOST DEFAULT_PROTOCOL SMTP_ADDRESS SMTP_PORT SMTP_USER_NAME SMTP_PASSWORD SMTP_AUTHENTICATION \
SMTP_ENABLE_STARTTLS_AUTO SMTP_OPENSSL_VERIFY_MODE SMTP_TLS GA_ID RECAPTCHA_SITE_KEY RECAPTCHA_SECRET_KEY DISQUS_SHORTNAME TWITTER_NAME TWITTER_CONSUMER_KEY TWITTER_CONSUMER_SECRET \
TWITTER_ACCESS_TOKEN TWITTER_ACCESS_TOKEN_SECRET FACEBOOK_APP_ID LOG_LEVEL ALLOWED_EXTENSIONS ALLOWED_MIME_TYPES MAX_IMAGE_SIZE MAX_CAO_SIZE MAX_IMPORT_SIZE DISK_SPACE_MB_ALERT \
ADMIN_EMAIL ADMIN_PASSWORD SUPERADMIN_EMAIL APP_LOCALE RAILS_LOCALE MOMENT_LOCALE SUMMERNOTE_LOCALE ANGULAR_LOCALE MESSAGEFORMAT_LOCALE FULLCALENDAR_LOCALE ELASTICSEARCH_LANGUAGE_ANALYZER \
TIME_ZONE WEEK_STARTING_DAY D3_DATE_FORMAT UIB_DATE_FORMAT EXCEL_DATE_FORMAT OPENLAB_APP_ID OPENLAB_APP_SECRET OPENLAB_DEFAULT)
for variable in "${variables[@]}"; do
local var_doc, current
var_doc=$(get_md_anchor "$doc" "$variable")
current=$(grep "$variable" "$FABMANAGER_PATH/config/env")
echo "$var_doc"
echo "Current value: $current"
read -rp "New value? (leave empty to keep current value)\n > " value </dev/tty
if [ "$value" != "" ]; then
sed -i.bak "s/$current/$variable=$value/g" "$FABMANAGER_PATH/config/env"
fi
done
# we automatically generate the SECRET_KEY_BASE
secret=$(cd "$FABMANAGER_PATH" && docker-compose run --rm fabmanager bundle exec rake secret)
sed -i.bak "s/SECRET_KEY_BASE=/SECRET_KEY_BASE=$secret/g" "$FABMANAGER_PATH/config/env"
}
read_password()
{
local password, confirmation
read -rsp "Please input a password for this administrator's account\n > " password </dev/tty
read -rsp "Confirm the password\n > " confirmation </dev/tty
if [ "$password" != "$confirmation" ]; then
echo "Error: passwords mismatch"
password=$(read_password)
fi
echo "$password"
}
setup_assets_and_databases()
{
echo "We will now setup the database."
read -rp "Continue? (Y/n)" confirm </dev/tty
if [ "$confirm" = "n" ]; then return; fi
cd "$FABMANAGER_PATH" && docker-compose run --rm fabmanager bundle exec rake db:create # create the database
cd "$FABMANAGER_PATH" && docker-compose run --rm fabmanager bundle exec rake db:migrate # run all the migrations
# prompt default admin email/password
read -rp "We will create the default administrator of Fab-Manager. Please input a valid email address\n > " EMAIL </dev/tty
PASSWORD=$(read_password)
cd "$FABMANAGER_PATH" && docker-compose run --rm -e ADMIN_EMAIL="$EMAIL" -e ADMIN_PASSWORD="$PASSWORD" fabmanager bundle exec rake db:seed # seed the database
# now build the assets
cd "$FABMANAGER_PATH" && docker-compose run --rm fabmanager bundle exec rake assets:precompile
# and prepare elasticsearch
cd "$FABMANAGER_PATH" && docker-compose run --rm fabmanager bundle exec rake fablab:es:build_stats
}
start()
{
cd "$FABMANAGER_PATH" && docker-compose up -d
}
function trap_ctrlc()
{
echo "Ctrl^C, exiting..."
exit 2
}
trap "trap_ctrlc" 2 # SIGINT
prepare_config "$@"
setup()
{
trap "trap_ctrlc" 2 # SIGINT
system_requirements
config
prepare_files "$@"
prepare_nginx
prepare_letsencrypt
prepare_docker
configure_env_file
setup_assets_and_databases
start
# TODO generate certificate, reconfigure nginx and restart
}
setup "$@"

7
setup/webroot.ini.example
View File

@ -1,10 +1,7 @@
rsa-key-size = 4096
server = https://acme-v01.api.letsencrypt.org/directory
email = REPLACE_WITH_YOUR@EMAIL.COM
text = True
agree-tos = True
agree-dev-preview = True
renew-by-default = True
authenticator = webroot
domains = MAIN_DOMAIN, ANOTHER_DOMAIN_1, ANOTHER_DOMAIN_2
webroot-path = /etc/letsencrypt/webrootauth
domains = MAIN_DOMAIN, ANOTHER_DOMAIN_1
non-interactive = True