Document unifi deploy hook

Mike Edmunds 2020-12-29 08:46:29 -08:00
parent b45e16fc05
commit 6efdc8e667
1 changed files with 50 additions and 1 deletions

@ -646,4 +646,53 @@ To deploy the cert now run:
acme.sh --deploy -d example.com --deploy-hook cleverreach
```
Now the cert is added to all domains that are covered by it.
Now the cert is added to all domains that are covered by it.
## 23. Deploy the cert on a Unifi Controller or Cloud Key
These instructions are for running acme.sh locally on the Unifi Controller
machine or on a Unifi Cloud Key device. If you run acme.sh on a remote machine,
follow the Unifi examples under [ssh deploy](#examples-using-ssh-deploy) instead.
[Full support for Cloud Key pending merge of [PR #3327](https://github.com/acmesh-official/acme.sh/pull/3327)]
To deploy the cert run:
```sh
acme.sh --deploy -d example.com --deploy-hook unifi
```
You may see a warning that "the JKS keystore uses a proprietary format."
It can be ignored.
The "service unifi restart" step may take a minute or more as it reloads the
Unifi Controller.
On a Unifi Cloud Key, acme.sh installations and configuration seem to survive
firmware upgrades when installed in the default location (/root/.acme.sh).
But the renewal cron job may be lost after some firmware upgrades; use `crontab -l`
to check, and re-install with `acme.sh --install-cronjob` if necessary.
If you have a non-standard Unifi Controller installation, you may need
to set some variables before running the deploy hook the first time.
Most users do not need to set these:
```sh
# Settings for Unifi Controller:
# Location of keystore or unifi.keystore.jks file:
DEPLOY_UNIFI_KEYSTORE="/usr/lib/unifi/data/keystore"
# Keystore password (built into Unifi Controller, not a user-set password):
DEPLOY_UNIFI_KEYPASS="aircontrolenterprise"
# Command to restart the Controller:
DEPLOY_UNIFI_RELOAD="service unifi restart"
# Additional settings for Unifi Cloud Key:
# Whether to also deploy certs for Cloud Key maintenance pages
# (default is "yes" when running on Cloud Key, "no" otherwise):
DEPLOY_UNIFI_CLOUDKEY="yes"
# Directory where cloudkey.crt and cloudkey.key live:
DEPLOY_UNIFI_CLOUDKEY_CERTDIR="/etc/ssl/private"
# Command to restart maintenance pages and Controller
# (same setting as above, default is updated when running on Cloud Key):
DEPLOY_UNIFI_RELOAD="service nginx restart && service unifi restart"
```
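Review bot: In the settings block at the end of this hunk, `DEPLOY_UNIFI_RELOAD` is assigned twice, first as `"service unifi restart"` and again under the Cloud Key settings as `"service nginx restart && service unifi restart"`, so anyone who pastes the block as written ends up with the Cloud Key value even on a plain Controller install. Consider splitting the sample into separate Controller and Cloud Key blocks, or commenting out the second assignment. The block also shows bare assignments while the text only says to "set some variables before running the deploy hook"; please state whether they have to be exported into the environment of the `acme.sh --deploy` run. Because `DEPLOY_UNIFI_KEYPASS` is described as a value built into the Controller rather than a user-set password, it does not protect the key as a secret would, and a sentence saying that the keystore and the files under `/etc/ssl/private` depend on file permissions would be worth adding. The bracketed note about PR #3327 nests a link inside square brackets and will go stale once that PR merges, so it may be better as a plain sentence that is easy to find and remove.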