Browse Source

Additional documentation for the unifi example.

dnsconf
David Kerr 8 years ago
parent
commit
76c1ed6628
  1. 16
      deploy/README.md

16
deploy/README.md

@ -143,7 +143,21 @@ export ACME_DEPLOY_SSH_REMOTE_CMD="openssl pkcs12 -export \
acme.sh --deploy -d unifi.example.com --deploy-hook ssh acme.sh --deploy -d unifi.example.com --deploy-hook ssh
``` ```
Note how in this exmple we execute several commands on the remote host
In this exmple we execute several commands on the remote host
after the certificate files have been copied... to generate a pkcs12 file after the certificate files have been copied... to generate a pkcs12 file
compatible with Unifi, to import it into the Unifi keystore and then finaly compatible with Unifi, to import it into the Unifi keystore and then finaly
to restart the service. to restart the service.
Note also that once the certificate is imported
into the keystore the individual certificate files are no longer
required. We could if we desired delete those files immediately. If we
do that then we should disable backup at the remote host (as there are
no files to backup -- they were erased during deployment). For example...
```sh
export ACME_DEPLOY_SSH_BACKUP=no
# modify the end of the remte command...
&& rm /var/lib/unifi/unifi.example.com.key \
/var/lib/unifi/unifi.example.com.cer \
/var/lib/unifi/unifi.example.com.p12 \
&& service unifi restart
```
Loading…
Cancel
Save