servnest
/
servnest
1
1
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

installation: set permissions for /etc/letsencrypt/

This commit is contained in:
Miraty 2023-05-06 17:26:17 +02:00
parent a83ae30ce7
commit 25b1d30cbe
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
DOCS/installation.md
View File

@ -72,13 +72,9 @@ Database configuration can be changed using `knotc conf-*` commands, see [Knot D
#### Directories
```shell
mkdir /srv/servnest/reg
chown -R servnest:knot /srv/servnest/reg
chmod -R u=rwX,g=rwX,o= /srv/servnest/reg
mkdir /srv/servnest/ns
chown -R servnest:knot /srv/servnest/ns
chmod -R u=rwX,g=rwX,o= /srv/servnest/ns
mkdir /srv/servnest/reg /srv/servnest/ns
chown -R servnest:knot /srv/servnest/reg /srv/servnest/ns
chmod -R u=rwX,g=rwX,o= /srv/servnest/reg /srv/servnest/ns
```
#### Registry files initialisation
@ -204,6 +200,14 @@ This method also requires manual operations for renewal.
The nginx configuration provided above uses the self-signed key pair at the locations set in the `openssl` command above. Replace those by the ones Certbot told you and reload nginx configuration.
Allow nginx to access certificates:
```shell
mkdir -p /etc/letsencrypt/archive/ /etc/letsencrypt/live/
chmod 710 /etc/letsencrypt/archive/ /etc/letsencrypt/live/
chown root:nginx /etc/letsencrypt/archive/ /etc/letsencrypt/live/
/root/certbot-deploy-hook.sh
```
### Apache HTTP Server
Apache in distributions is usually named `httpd`, `apache` or `apache2`. Adapt these instructions as appropriate.