diff options
author | surefire | 2016-09-18 20:42:00 +0300 |
---|---|---|
committer | surefire | 2016-09-18 20:55:43 +0300 |
commit | b9ec62c07e84839e215fe6a3b4ae00c5663317c0 (patch) | |
tree | a17a1921fb541141614e4ceca6997e69b4ccd15c /acme@.service | |
download | aur-b9ec62c07e84839e215fe6a3b4ae00c5663317c0.tar.gz |
Initial
Diffstat (limited to 'acme@.service')
-rw-r--r-- | acme@.service | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/acme@.service b/acme@.service new file mode 100644 index 000000000000..b2f16e6ddbc9 --- /dev/null +++ b/acme@.service @@ -0,0 +1,28 @@ +[Unit] +Description=Check and renew ACME TLS certificates +After=network.target +Requires=network.target + +[Service] +# You need to configure http server so that directory "/run/acme-challenge" was the alias of "/.well-known/acme-challenge" +# +# Nginx example: +# +# location /.well-known/acme-challenge { +# alias /run/acme-challenge; +# } + +RuntimeDirectory=acme-challenge +RuntimeDirectoryMode=0755 + +SuccessExitStatus=2 + +Environment="ACME_DIR=/var/lib/acme" +Environment="ACME_ARGS=-vbnN" +Environment="ACME_ACCOUNT=letsencrypt" + +EnvironmentFile=/etc/acme/%I.conf + +ExecStartPre=/usr/bin/install -dm0700 "${ACME_DIR}/certs/%I" + +ExecStart=/usr/bin/acme-client $ACME_ARGS -f "${ACME_DIR}/accounts/${ACME_ACCOUNT}.pem" -c "${ACME_DIR}/certs/%I" -k "${ACME_DIR}/certs/%I/privkey.pem" -C /run/acme-challenge $ACME_DOMAINS |