evgeny/modoboa-installer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added custom tls cert support

Browse Source
This commit is contained in:
Spitap
2023-06-21 21:07:20 +02:00
committed by Antoine Nguyen
parent ccae88bb77
commit 4759146d99
4 changed files with 104 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
README.rst
View File

@@ -1,5 +1,5 @@
modoboa-installer
=================
**modoboa-installer**
=====================
|workflow| |codecov|
@@ -76,7 +76,7 @@ If you want more information about the installation process, add the
``--debug`` option to your command line.
Upgrade mode
------------
============
An experimental upgrade mode is available.
@@ -92,7 +92,7 @@ You can activate it as follows::
It will automatically install latest versions of modoboa and its plugins.
Backup mode
-----------
===========
An experimental backup mode is available.
@@ -129,7 +129,7 @@ configuration file (set enabled to False).
This can be useful for larger instance.
Restore mode
------------
============
An experimental restore mode is available.
@@ -140,7 +140,7 @@ You can start the process as follows::
Then wait for the process to finish.
Change the generated hostname
-----------------------------
=============================
By default, the installer will setup your email server using the
following hostname: ``mail.<your domain>``. If you want a different
@@ -159,22 +159,37 @@ modifications.
Finally, run the installer without the
``--stop-after-configfile-check`` option.
Let's Encrypt certificate
-------------------------
Certificate
===========
Self-signed
-----------
It is the default way of the installer, it is however
not recommended for production use. We recommend using
letsencrypt for production. Using Letsencrypt imply that
you accept their Tos (see bellow)
Letsencrypt
-----------
.. warning::
Please note this option requires the hostname you're using to be
valid (ie. it can be resolved with a DNS query) and to match the
server you're installing Modoboa on.
Please note that by using this option, you aggree to the `ToS
<https://community.letsencrypt.org/tos>`_ of
letsencrypt and that your IP will be logged (see ToS)
Please also note this option requires the hostname you're using to be
valid (ie. it can be resolved with a DNS query) and to match the
server you're installing Modoboa on.
If you want to generate a valid certificate using `Let's Encrypt
<https://letsencrypt.org/>`_, edit the ``installer.cfg`` file and
modify the following settings::
[certificate]
generate = true
type = letsencrypt
tls_cert_file_path =
tls_key_file_path =
[letsencrypt]
email = admin@example.com
@@ -182,6 +197,24 @@ modify the following settings::
Change the ``email`` setting to a valid value since it will be used
for account recovery.
Manual
------
.. warning::
It is not possible to configure manual certs interactively.
To do so, please run ``run.py`` with `--stop-after-configfile-check`,
configure your file as desired and apply the configuration as
written bellow. Then run ``run.py`` without
`--stop-after-configfile-check` or `--interactive`.
If you want to use already generated certs, simply edit the
``installer.cfg`` file and modify the following settings::
[certificate]
type = manual
tls_cert_file_path = *path to tls key file*
tls_key_file_path = * path to tls fullchain file*
.. |workflow| image:: https://github.com/modoboa/modoboa-installer/workflows/Modoboa%20installer/badge.svg
.. |codecov| image:: http://codecov.io/github/modoboa/modoboa-installer/coverage.svg?branch=master
:target: http://codecov.io/github/modoboa/modoboa-installer?branch=master