From 90f4017f07ae3c5e4cdd6482fb419468eab2be96 Mon Sep 17 00:00:00 2001 From: Darren 'Tadgy' Austin Date: Sat, 18 Apr 2026 20:57:38 +0100 Subject: [PATCH] Domain specific dehydrated config. --- .gitattributesdb | 4 ++ .../domains.d/core.slackware.uk.net | 48 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 etc/dehydrated/domains.d/core.slackware.uk.net diff --git a/.gitattributesdb b/.gitattributesdb index be1e60b..cb8d0dc 100644 --- a/.gitattributesdb +++ b/.gitattributesdb @@ -253,6 +253,10 @@ ZG9tYWlucy5k - - ZXRjL2RlaHlkcmF0ZWQvZG9tYWlucy5kL19leGFtcGxlXw== 1773422197.987710884 1776538060.204000000 root:root 0644 - - ZXRj 1776540625.004000000 1776540869.752000000 root:root 0755 - - ZGVoeWRyYXRlZA== - - +ZG9tYWlucy5k - - +ZXRjL2RlaHlkcmF0ZWQvZG9tYWlucy5kL2NvcmUuc2xhY2t3YXJlLnVrLm5ldA== 1776542074.776000000 1776542254.044000000 root:root 0644 - - +ZXRj 1776540625.004000000 1776540869.752000000 root:root 0755 - - +ZGVoeWRyYXRlZA== - - aG9va3M= - - ZXRjL2RlaHlkcmF0ZWQvaG9va3MvZGVmYXVsdA== 1773342632.190315764 1776538060.204000000 root:root 0755 - - ZXRj 1776540625.004000000 1776540869.752000000 root:root 0755 - - diff --git a/etc/dehydrated/domains.d/core.slackware.uk.net b/etc/dehydrated/domains.d/core.slackware.uk.net new file mode 100644 index 0000000..83e665e --- /dev/null +++ b/etc/dehydrated/domains.d/core.slackware.uk.net @@ -0,0 +1,48 @@ +# The settings in this file can be used to override those in the global config file in /etc/dehydrated + +# Which challenge should be used? +# Supported values: http-01, dns-01, dns-persist-01, tls-alpn-01. +# Default: http-01 +CHALLENGETYPE="dns-persist-01" + +# Default keysize for private keys. +# Default: 4096 +#KEYSIZE="4096" + +# Program or function called at certain stages of processing. +# BASEDIR and WELLKNOWN variables are exported and can be used in an external program. +# Default: +#HOOK="" + +# Chain clean_challenge|deploy_challenge arguments together into one hook call per certificate? +# Default: no +#HOOK_CHAIN="no" + +# Minimum days before expiration to automatically renew certificate. +# Default: 30 +#RENEW_DAYS="30" + +# Regenerate private keys instead of just signing new certificates on renewal? +# Default: yes +#PRIVATE_KEY_RENEW="yes" + +# Create an extra private key for rollover? +# Default: no +#PRIVATE_KEY_ROLLOVER="no" + +# Which public key algorithm should be used? +# Supported: rsa, prime256v1, secp384r1. +# Default: rsa +#KEY_ALGO="rsa" + +# Option to add CSR-flag indicating OCSP stapling to be mandatory. +# Default: no +#OCSP_MUST_STAPLE="no" + +# Fetch OCSP responses. +# Default: no +#OCSP_FETCH="no" + +# OCSP refresh interval, in days. +# Default: 5 +#OCSP_DAYS="5"