From 6af33d0e4c7acc3a57a25ebe3102df0ac19952b4 Mon Sep 17 00:00:00 2001 From: Matthew Fennell Date: Sun, 28 Dec 2025 17:13:49 +0000 Subject: Remove README It will only get out of date, especially the config section. I can't see this project being useful for anyone but me, but if someone contacts me saying they use this repo, I'll recreate the README to match what questions they have. I don't think that's a likely scenario, though. --- README.md | 69 --------------------------------------------------------------- 1 file changed, 69 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index 6160198..0000000 --- a/README.md +++ /dev/null @@ -1,69 +0,0 @@ - - -# Automatic certificate renewal - -This project is a wrapper around [LEGO](https://go-acme.github.io/lego/). Given -a toml config file with various information about domains, it invokes lego to -renew the certificates automatically. - -We take care to reuse the account used to generate the request. This means that -TLSA records will remain correct after renewal. - -## Config file - -Place a `config.toml` file in the current working directory. - -This file has a `[config]` section, and a section for each individual domain, -e.g. `[domains.example-org]`. Apart from being under the `domain` section, -domain headers do not have to be named in any particular way. - -Imagine you would like to deploy certificates to both a forgejo and prosody -instance to `example.org`. Then, your config might look like this: - -```toml -[config] - -acme_server = "https://acme-v02.api.letsencrypt.org/directory" -timeout_seconds = 600 - -[domains.example-org] - -acme_email = "user@example.org" -desec_token = "3x4mPl3t0K3n" -renew_days = 60 - -domains = [ - "example.org", - "anon.example.org", - "conference.example.org", - "turn.example.org", - "upload.example.org", - "webchat.example.org", -] - -renew_script = "install-for ~/.ssh/id_rsa --prosody admin@chat.example.org --forgejo admin@example.org" -``` - -This will generate a single certificate for all of the given domains (with the -first in the list being the "main" domain), and then use the provided ssh key -and script to install the certificate for the given services, across the given -hosts. - -## Git hooks - -We provide sample git hooks in the `hooks` directory. To use these, ensure the -following packages are installed: - -* black -* gitlint -* mypy -* reuse -* shellcheck - -```shell -$ git config core.hooksPath hooks -``` -- cgit v1.2.3