syntax fix

docs/letsencrypt.md

@@ -9,6 +9,7 @@ file system, special tools around Certbot are required to work with certificates
     This feature is available on images as old as 2022.06.19 since it requires [PST storage partition on SD card](pst.md).
     Ports 80+443 need to be opened if you are port forwarding for this to work properly.
 
+
 ## Basic setup
 
 1. Update the OS and make sure that you are using a new image with [PST storage](pst.md).
@@ -45,10 +46,12 @@ file system, special tools around Certbot are required to work with certificates
     ```
 
 5. Enable automatic certificate renewal:
+
     ```
     # systemctl enable --now kvmd-certbot.timer
     ```
 
+
 ## Cloudflare DNS
 
 This example shows that PiKVM may not be accessible from the internet, but you can still get a certificate if you use Cloudflare DNS.
@@ -83,6 +86,7 @@ This example shows that PiKVM may not be accessible from the internet, but you c
 
 4. Next follow the basic guide.
 
+
 ## Route53 DNS
 
 This example shows that PiKVM may not be accessible from the internet, but you can still get a certificate if you use AWS Route53 DNS. Make sure you are running an image newer than 2022.06.20 and kvmd version 3.119-1 or greater.
@@ -95,7 +99,8 @@ This example shows that PiKVM may not be accessible from the internet, but you c
     ```
 
 2. Configure Your AWS User
-   For the certbot_dns_route53 plugin to work it needs to be able to connect to AWS using an access key with the correct permissions.
+
+    For the `certbot_dns_route53` plugin to work it needs to be able to connect to AWS using an access key with the correct permissions.
 
     To do this securely you’ll want to create a new AWS user that only has the necessary permissions it needs to work.
 
@@ -179,6 +184,7 @@ This example shows that PiKVM may not be accessible from the internet, but you c
     # systemctl enable --now kvmd-certbot.timer
     ```
 
+
 ## ACME DNS
 
 [ACME DNS](https://github.com/joohoi/acme-dns) is a _"Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely."_ The [acme-dns-client](https://github.com/acme-dns/acme-dns-client) works, in conjunction, with Certbot (**`kvmd-certbot`**) to enable **`DNS-01`** challenge support via ACME DNS.
@@ -186,7 +192,6 @@ This example shows that PiKVM may not be accessible from the internet, but you c
 These instructions are for how to install and use the **`acme-dns-client`** with ACME DNS for PiKVM.
 
 Assumptions:
-
 - ACME DNS is already set up and functioning in the environment
 - ACME DNS Server is **`auth.example.org`**
 - PiKVM Fully Qualified Domain Name (FQDN) is **`pikvm.example.org`**
@@ -197,8 +202,10 @@ Not in Scope:
 
 - Installation and Setup of ACME DNS Server
 
-1. Ensure that Step 1 from [Basic Setup](https://docs.pikvm.org/letsencrypt/#basic-setup) has been completed
+1. Ensure that Step 1 from [Basic Setup](https://docs.pikvm.org/letsencrypt/#basic-setup) has been completed.
+
 2. Visit the [Releases](https://github.com/acme-dns/acme-dns-client/releases) page to get the URL for the latest **`acme-dns-client`** release.
+
     !!! note
         PiKVM OS is 32-bit, which is **`linux_armv6`**.
 
@@ -216,30 +223,31 @@ Not in Scope:
     !!! note
         Make sure to replace the URL below with the one gathered from Step 1. As of the writing of this documentation, the latest (and demonstrated) version is **v0.3**.
 
-   ```sh
+    ```
-   mkdir /etc/acmedns
+    # mkdir /etc/acmedns
-   curl -LO https://github.com/acme-dns/acme-dns-client/releases/download/v0.3/acme-dns-client_0.3_linux_armv6.tar.gz
+    # curl -LO https://github.com/acme-dns/acme-dns-client/releases/download/v0.3/acme-dns-client_0.3_linux_armv6.tar.gz
-   tar -zxvf acme-dns-client_0.3_linux_armv6.tar.gz
+    # tar -zxvf acme-dns-client_0.3_linux_armv6.tar.gz
-   mv acme-dns-client /etc/acmedns/acme-dns-client
+    # mv acme-dns-client /etc/acmedns/acme-dns-client
-   ln -sf /etc/acmedns/acme-dns-client /usr/local/bin/acme-dns-client
+    # ln -sf /etc/acmedns/acme-dns-client /usr/local/bin/acme-dns-client
-   rm LICENSE
+    # rm LICENSE
-   rm README.md
+    # rm README.md
-   rm acme-dns-client_0.3_linux_armv6.tar.gz
+    # rm acme-dns-client_0.3_linux_armv6.tar.gz
-   acme-dns-client
+    # acme-dns-client
     ```
 
 4. Register **`acme-dns-client`** with ACME DNS
+
     !!! note
         This is interactive, follow instructions for creating and verifying the appropriate `CNAME` record.  
    
-   ```sh
+    ```
-   acme-dns-client register -d pikvm.example.org -s http://auth.example.org
+    # acme-dns-client register -d pikvm.example.org -s http://auth.example.org
     ```
 
     Once registration is complete ownership of `clientstorage.json` must be changed to `kvmd-certbot`.
    
-   ```sh
+    ```
-   chown kvmd-certbot:kvmd-certbot /etc/acmedns/clientstorage.json
+    # chown kvmd-certbot:kvmd-certbot /etc/acmedns/clientstorage.json
     ```
 
     !!! note
@@ -247,14 +255,14 @@ Not in Scope:
 
 5. Register Certbot
 
-   ```sh
+    ```
-   kvmd-certbot register
+    # kvmd-certbot register
     ```
 
 6. Request Certificate via Certbot
 
-   ```sh
+    ```
-   kvmd-certbot certonly --manual --preferred-challenges dns --manual-auth-hook 'acme-dns-client' -d pikvm.example.org
+    # kvmd-certbot certonly --manual --preferred-challenges dns --manual-auth-hook 'acme-dns-client' -d pikvm.example.org
     ```
 
     !!! note
@@ -262,6 +270,7 @@ Not in Scope:
 
 7. Follow steps 3 through 5 under [Basic Setup](https://docs.pikvm.org/letsencrypt/#basic-setup) to complete setup and renewal of certificates
 
+
 ## Wireguard proxy
 
 If you don't have public IP, and you don't want to put your API keys in PiKVM,
@@ -286,8 +295,7 @@ The example assumes:
     pikvm1.int.example. IN CNAME  acme-proxy.example.
     ```
 
-3. On the public VPS, configure HTTP proxy to forward
+3. On the public VPS, configure HTTP proxy to forward `/.well-known/acme-challenge` to PiKVM. For example in nginx:
-   `/.well-known/acme-challenge` to PiKVM. For example in nginx:
 
     ```nginx
     server {