Pål Håland 8c56356459 Merge remote-tracking branch 'upstream/dev' into dev		8 years ago
..
README.md	8c56356459 Merge remote-tracking branch 'upstream/dev' into dev	8 years ago
apache.sh	5288c54aad deploy apache script: fix comment (dovecot/apache)	8 years ago
cpanel.sh	04e0f87c03 add doc	8 years ago
dovecot.sh	f845b371ce fix format	8 years ago
exim4.sh	df14085ec8 spelling: oops	8 years ago
haproxy.sh	f845b371ce fix format	8 years ago
keychain.sh	68eb627d62 deploy for OSX Keychain	8 years ago
kong.sh	1231b71245 Update the notes	8 years ago
myapi.sh	b4325026b1 exe	8 years ago
mysqld.sh	f845b371ce fix format	8 years ago
nginx.sh	f845b371ce fix format	8 years ago
opensshd.sh	f845b371ce fix format	8 years ago
pureftpd.sh	f845b371ce fix format	8 years ago
routeros.sh	8a604bd2a1 Fixing syntax for schell script checking	8 years ago
vsftpd.sh	df14085ec8 spelling: oops	8 years ago

Using deploy api

Before you can deploy your cert, you must issue the cert first.

Here are the scripts to deploy the certs/key to the server/services.

1. Deploy the certs to your cpanel host.

(cpanel deploy hook is not finished yet, this is just an example.)

Then you can deploy now:

export DEPLOY_CPANEL_USER=myusername
export DEPLOY_CPANEL_PASSWORD=PASSWORD
acme.sh --deploy -d example.com --deploy-hook cpanel

2. Deploy ssl cert on kong proxy engine based on api.

Before you can deploy your cert, you must issue the cert first. Currently supports Kong-v0.10.x.

acme.sh --deploy -d ftp.example.com --deploy-hook kong

3. Deploy the cert to remote server through SSH access.

(TODO)

4. Deploy the cert to local vsftpd server.

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

The default vsftpd conf file is /etc/vsftpd.conf, if your vsftpd conf is not in the default location, you can specify one:

export DEPLOY_VSFTPD_CONF="/etc/vsftpd.conf"

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

The default command to restart vsftpd server is service vsftpd restart, if it doesn't work, you can specify one:

export DEPLOY_VSFTPD_RELOAD="/etc/init.d/vsftpd restart"

acme.sh --deploy -d ftp.example.com --deploy-hook vsftpd

5. Deploy the cert to local exim4 server.

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

The default exim4 conf file is /etc/exim/exim.conf, if your exim4 conf is not in the default location, you can specify one:

export DEPLOY_EXIM4_CONF="/etc/exim4/exim4.conf.template"

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

The default command to restart exim4 server is service exim4 restart, if it doesn't work, you can specify one:

export DEPLOY_EXIM4_RELOAD="/etc/init.d/exim4 restart"

acme.sh --deploy -d ftp.example.com --deploy-hook exim4

6. Deploy the cert to OSX Keychain

acme.sh --deploy -d ftp.example.com --deploy-hook keychain

7. Deploy the cert to remote routeros

acme.sh --deploy -d ftp.example.com --deploy-hook routeros

Before you can deploy the certificate to router os, you need to add the id_rsa.pub key to the routeros and assign a user to that key. The user need to have access to ssh, ftp, read and write.

Then you need to set the environment variables for the deploy script to work.

export ROUTER_OS_USERNAME=certuser
export ROUTER_OS_HOST=router.example.com

acme.sh --deploy -d ftp.example.com --deploy-hook routeros

README.md