# certwarden-deploy

![status-badge](https://ci.lila.network/api/badges/22/status.svg)
[![Please don't upload to GitHub](https://nogithub.codeberg.page/badge.svg)](https://nogithub.codeberg.page)

This is a simple binary to deploy certificates from a [CertWarden](https://www.certwarden.com/) instance.

## Quick Start

Installation of the required CertWarden instance is out of scope of this documentation. For detailed instructions regarding CertWarden, please visit [its documentation](https://www.certwarden.com/docs/introduction/).

To quickly get started with `certwarden-deploy`, just download the binary...

```shell
# this downloads certwarden-deploy version 0.2.1
# to /usr/local/bin/certwarden-deploy
sudo wget https://code.lila.network/adoralaura/certwarden-deploy/releases/download/0.2.1/certwarden-deploy-0.2.1-linux-amd64 -O /usr/local/bin/certwarden-deploy

sudo chmod +x /usr/local/bin/certwarden-deploy
```

... fill out the config file...

```shell
vi /etc/certwarden-deploy/config.yaml
```

```yaml
# Base URL of the CertWarden instance
# required
base_url: "https://certwarden.example.com"

# Set this to true if your CertWarden instance does not have a publicly trusted
# TLS certificate (e.g. it has a self signed one)
# default is false
disable_certificate_validation: false

# define all managed certificates here
certificates:
  # name is a unique identifier that must start and end with an alphanumeric character,
  # and can contain the following characters: a-zA-Z0-9._-
  # required
  - name: test-certificate.example.com
    # Contains the API-Key to fetch the certificate from the server
    # required
    cert_secret: examplekey_notvalid_hrzjGDDw8z
    # path where to save the certificate
    # required
    cert_path: "/path/to/test-certificate.example.com-cert.pem"
    # Contains the API-Key to fetch the private key from the server
    # required
    key_secret: examplekey_notvalid_hrzbbDDw8z
    # path where to save the private key
    # required
    key_path: "/path/to/test-certificate.example.com-key.pem"
    # action to run when certificate was updated or --force is on
    action: "/usr/bin/systemctl reload caddy"
```

... and run it!

```shell
certwarden-deploy -v
```
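
The config file holds the `cert_secret` and `key_secret` API keys, and `disable_certificate_validation: true` turns off authentication of the CertWarden server, so it is worth auditing the finished file before the first run. The script below is an added example and not part of certwarden-deploy: its function names and finding labels are made up here, it reads the keys shown above line by line rather than parsing YAML, and it assumes GNU `stat`.

```shell
# Added example: line-based audit of a certwarden-deploy config.yaml.
# Reads only keys shown in the README; not a YAML parser. Assumes GNU stat.
# All function names and finding labels are hypothetical.

# Print a finding if group or others have any permission bits on a path.
check_mode() {
    [ -e "$1" ] || return 0
    mode=$(stat -c '%a' "$1")
    case "$mode" in
        0|*00) ;;                          # e.g. 600 or 400: owner only
        *) echo "too-open $1 $mode" ;;
    esac
}

# Print every value of key $1 in file $2, without quotes or trailing comments.
yaml_values() {
    sed -n "s/^[[:space:]-]*$1:[[:space:]]*//p" "$2" |
        sed 's/[[:space:]]*#.*$//; s/^"//; s/"$//'
}

audit_config() {
    cfg=$1
    # cert_secret and key_secret are API keys, so the file must be owner-only.
    check_mode "$cfg"
    # Without validation the server is not authenticated before secrets are sent.
    if [ "$(yaml_values disable_certificate_validation "$cfg")" = "true" ]; then
        echo "tls-validation-disabled $cfg"
    fi
    case "$(yaml_values base_url "$cfg")" in
        https://*) ;;
        *) echo "base-url-not-https $cfg" ;;
    esac
    # Private keys already written to disk should be owner-only as well.
    yaml_values key_path "$cfg" | while IFS= read -r key; do
        check_mode "$key"
    done
    return 0
}

# Constructed sample with deliberately weak settings; $2 is the key file path.
write_sample() {
    printf '%s\n' 'base_url: "http://certwarden.example.com"' \
        'disable_certificate_validation: true' 'certificates:' \
        '  - name: test-certificate.example.com' \
        "    key_path: \"$2\"" > "$1"
    chmod 644 "$1"
}

if [ "$#" -gt 0 ]; then audit_config "$1"; fi
```

Saved under a name of your choice and run with the config path as its only argument, it prints one line per finding; no output means none of the four checks fired.
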

## Contributing

I use my own [Forgejo Instance](https://code.lila.network) to manage issues and pull requests.

* If you have a trivial fix or improvement, go ahead and create a pull request,
  addressing (with `@...`) the maintainer of this repository (see
  [MAINTAINERS.md](MAINTAINERS.md)) in the description of the pull request.

* If you plan to do something more involved, first please [send me a mail](mailto:dev@lauka.net?subject=%5Bcertwarden-deploy%5D).

### What to contribute

The best way to help without speaking a lot of Go would be to share your
configuration, alerts, dashboards, and recording rules. If you have something
that works and is not in the repository, please pay it forward and
share what works.

## Changelog

You can find the Changelog here: [Changelog](https://code.lila.network/adoralaura/certwarden-deploy/src/branch/main/CHANGELOG.md)

## License

`certwarden-deploy` is available under the MIT license. See the [LICENSE](https://code.lila.network/adoralaura/certwarden-deploy/src/branch/main/LICENSE) file for more info.