mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 13:40:45 +00:00
Alex Palaistras
d9f675817e
This contains the culmination of work done privately for a few months, and is intended to be a solid basis for other peoples' experimentations with setting up single-node, home-server setups using Fedora CoreOS.
22 lines
1.3 KiB
Desktop File
22 lines
1.3 KiB
Desktop File
[Unit]
|
|
Description="Let's Encrypt DNS01 certificate register for %I"
|
|
Wants=container-build@letsencrypt.service letsencrypt-dns-renew@%i.timer
|
|
After=container-build@letsencrypt.service
|
|
Before=letsencrypt-dns-renew@%i.timer
|
|
ConditionPathExists=!/var/lib/container-service/letsencrypt/private/%i/tls.key
|
|
|
|
[Service]
|
|
Type=oneshot
|
|
EnvironmentFile=/etc/container-service/letsencrypt/letsencrypt.env
|
|
ExecStartPre=/bin/install --owner 10000 --group 10000 -d /var/lib/container-service/letsencrypt
|
|
ExecStart=/bin/podman run --replace --pull never --rm --env-file /etc/container-service/letsencrypt/letsencrypt.env \
|
|
--volume /var/lib/container-service/letsencrypt:/var/lib/letsencrypt:z \
|
|
--name letsencrypt-register-%i localhost/letsencrypt:latest --accept-tos --pem --path /var/lib/letsencrypt \
|
|
--domains "%i" --server ${ACME_SERVER} --email ${ACME_EMAIL} --dns ${ACME_DNS_PROVIDER} run
|
|
ExecStartPost=/bin/install -d /var/lib/container-service/letsencrypt/private/%i
|
|
ExecStartPost=/bin/install -m 0644 /var/lib/container-service/letsencrypt/certificates/%i.crt /var/lib/container-service/letsencrypt/private/%i/tls.crt
|
|
ExecStartPost=/bin/install -m 0644 /var/lib/container-service/letsencrypt/certificates/%i.key /var/lib/container-service/letsencrypt/private/%i/tls.key
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|