From 7e237c5baf9f8ddf4e0930e00cef75d57d14ef0d Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Tue, 8 Dec 2015 11:48:34 +0100 Subject: Refine config --- acme.conf | 49 ++++++++++++++++++------------------------------- acme.toml | 18 +++++++++--------- 2 files changed, 27 insertions(+), 40 deletions(-) diff --git a/acme.conf b/acme.conf index b785341..705137a 100644 --- a/acme.conf +++ b/acme.conf @@ -1,47 +1,34 @@ -# provider definitions -provider lev1 \ - directory https://acme-v01.api.letsencrypt.org/directory +# global settings +set geracetime 1 week -provider les \ - directory https://acme-staging.api.letsencrypt.org/directory +# provider definitions +provider lev1 https://acme-v01.api.letsencrypt.org/directory +provider les https://acme-staging.api.letsencrypt.org/directory # account definitions -account another@example.com \ - key /etc/another.key \ - provider les +account another@example.com key /etc/another.key provider les +account mailmaster@example.com key /etc/mailmaster.key provider les -account mailmaster@example.com \ - key /etc/mailmaster.key \ - provider les +# hook definitions +hook nginx "sudo service nginx reload" +hook dovecot "sudo service dovecot reload" -# domain definitions -domain www.example.com \ - altnames { example.com, www2.example.com } \ +# desire definitions +desire { www.example.com, example.com, www2.example.com } \ key /etc/ssl/private/www_example_com.key \ cert /etc/ssl/cert/www_example_com.pem \ webroot /var/www/htdocs \ - using another@example.com \ - gracetime 1 week \ + from another@example.com \ hook nginx - -# domains with prefix www imply altname without www -domain www.example.net \ +# desire with prefix www imples altname without www +desire www.example.net \ key /etc/ssl/private/www_example_net.key \ cert /etc/ssl/cert/www_example_net.pem \ - using another@example.com + from another@example.com -domain mail.example.com \ +desire mail.example.com \ key /etc/ssl/private/mail_example_com.key \ cert /etc/ssl/cert/mail_example_com.pem \ - using another@example.com \ - gracetime 1 week \ + from mailmaster@example.com \ hook dovecot - -# hook definitions -hook nginx \ - cmd "sudo service nginx reload" - -hook dovecot \ - cmd "sudo service dovecot reload" - diff --git a/acme.toml b/acme.toml index 3b9e29a..5476217 100644 --- a/acme.toml +++ b/acme.toml @@ -9,6 +9,15 @@ mail = "another@example.com" key = "/etc/acme.key" provider = "les" +[hook.nginx] +cmd = "sudo service nginx reload" + +[hook.dovecot] +cmd = "sudo service dovecot reload" + +[hook.smtpd] +cmd = "sudo service smtpd reload" + [[desire]] altnames = [ "www.example.com", "example.com" ] key = "/etc/ssl/private/www_example_com.key" @@ -25,12 +34,3 @@ cert = "/etc/ssl/certs/mail_example_com.pem" account = "example" gracetime = "1 week" hook = [ "dovecot", "smtpd" ] - -[hook.nginx] -cmd = "sudo service nginx reload" - -[hook.dovecot] -cmd = "sudo service dovecot reload" - -[hook.smtpd] -cmd = "sudo service smtpd reload" -- cgit v1.2.3