commit bcf5e3f10c4fef64f40beb6ca3a73bcc225c4c54
parent 9aea61b1f29a58858844ee3a81fb920dab91f77c
Author: Javier Sepulveda <javier.sepulveda@uv.es>
Date: Wed, 22 May 2024 11:18:53 +0200
Fix nesting issue with the index of System administration section
Diffstat:
1 file changed, 26 insertions(+), 13 deletions(-)
diff --git a/system-administration/lego-certificates.rst b/system-administration/lego-certificates.rst
@@ -1,10 +1,27 @@
+..
+ This file is part of GNU TALER.
+ Copyright (C) 2014-2023 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 2.1, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+
+ @author Javier Sepulveda
+
.. image:: images/lego-logo.svg
:width: 300
:height: 150
:alt: lego logo
What is Lego
-###############
+============
Let's Encrypt client and ACME library written in Go.
@@ -16,7 +33,7 @@ Let's Encrypt client and ACME library written in Go.
Why lego is better for managing certificates
-===============================================
+============================================
* The process is not considered a live process, so in case something goes wrong your websites won't break.
* You can hook some actions after the renewal process, such as reloading Dovecot.
@@ -25,7 +42,7 @@ Why lego is better for managing certificates
Requirements
-=============
+============
- A fully automation of installing and deploying Lego can be found in migration-exercise-stable.git/taler.net/lego-certificates
- If you want to do things manually instead, you can execute the "install-lego.sh" file.
- To use our script simply execute the "main-certs.sh" file, which not only will install lego on your system, but
@@ -36,7 +53,7 @@ Requirements
the port 80.
Installation and deployment with a script
-#############################################
+=========================================
#. Git clone migration-exercise-stable.git
#. Navigate to the folder taler.net/lego-certificates
@@ -62,14 +79,14 @@ Manually installing Lego
Full documentation on how to use Lego can be found in: https://go-acme.github.io/lego/
Usage of lego once it has been installed
-###############################################
+========================================
* Each time you want to add an additional domain to your setup, just add the FQDN to the "domains" text file
* There is nothing else to do in your side now, the server itself will trigger automatically (systemd timer) the "renew-certs.service"
* We have implemented the use of lego with systemd timers, so there is not additional maintenance
Automatic renewal of certificates
-##################################
+=================================
We use systemd timers do undertake this.
@@ -87,13 +104,13 @@ Email notifications
* On each successful renewal, you will receive an email notification from the script.
Additional information for troubleshooting
-###############################################
+==========================================
Once you have the certificate generated files (/root/.lego/xxx.crt, /root/.lego/xxx.key)
they will be copied to /etc/ssl/certs and /etc/ssl/private, respectively.
How to configure NGINX to use your certificates
-##################################################
+===============================================
In the NGINX virtualhost configuration file just include "include conf.d/talerssl.conf;" line, and
make sure you have a file named "talerssl.conf" in the path: /etc/nginx/conf.d with the next content:
@@ -112,7 +129,7 @@ make sure you have a file named "talerssl.conf" in the path: /etc/nginx/conf.d w
Presence of Lego in our servers
-######################################
+===============================
* TUE - University of Eindhoven
@@ -125,7 +142,3 @@ Presence of Lego in our servers
-
-
-
-
