public_git
/
pikvm
mirror of https://github.com/pikvm/pikvm.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Ensure credential files are owned by kvmd-certbot (#1036) 

The current instructions will lead to the file being owned by root with
rw permissions only granted to the owner. However, the kvmd-certbot
script around certbot will invoke certbot as the user kvmd-certbot.
Therefore the credential files must be owned by kvmd-certbot.
This commit is contained in:
Kevin O'Connor 2023-06-22 02:56:34 -04:00 committed by GitHub
parent 5897273a59
commit f7d35db2e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/letsencrypt.md
View File

@ -69,6 +69,7 @@ This example shows that PiKVM may not be accessible from the internet, but you c
# kvmd-pstrun -- mkdir -p /var/lib/kvmd/pst/data/certbot/runroot # kvmd-pstrun -- mkdir -p /var/lib/kvmd/pst/data/certbot/runroot
# kvmd-pstrun -- nano /var/lib/kvmd/pst/data/certbot/runroot/.cloudflare.auth # kvmd-pstrun -- nano /var/lib/kvmd/pst/data/certbot/runroot/.cloudflare.auth
# kvmd-pstrun -- chmod 600 /var/lib/kvmd/pst/data/certbot/runroot/.cloudflare.auth # kvmd-pstrun -- chmod 600 /var/lib/kvmd/pst/data/certbot/runroot/.cloudflare.auth
# kvmd-pstrun -- chown kvmd-certbot: /var/lib/kvmd/pst/data/certbot/runroot/.cloudflare.auth
``` ```
3. Obtain the certificate: 3. Obtain the certificate:
@ -154,6 +155,7 @@ This example shows that PiKVM may not be accessible from the internet, but you c
``` ```
# kvmd-pstrun -- chmod 600 /var/lib/kvmd/pst/data/certbot/runroot/.route53.auth # kvmd-pstrun -- chmod 600 /var/lib/kvmd/pst/data/certbot/runroot/.route53.auth
# kvmd-pstrun -- chown kvmd-certbot: /var/lib/kvmd/pst/data/certbot/runroot/.route53.auth
``` ```
4. Obtain the certificate: 4. Obtain the certificate: