From 91dfa501f859e1cca5673a0821d2d14cfbdc37e2 Mon Sep 17 00:00:00 2001 From: Nicola Murino Date: Fri, 27 May 2022 10:09:53 +0200 Subject: [PATCH] improve some docs Signed-off-by: Nicola Murino --- docs/howto/lets-encrypt-certificate.md | 10 ++++++---- tests/ipfilter/go.mod | 1 + tests/ipfilter/go.sum | 3 ++- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/docs/howto/lets-encrypt-certificate.md b/docs/howto/lets-encrypt-certificate.md index 3e6475ba..0fb23ce2 100644 --- a/docs/howto/lets-encrypt-certificate.md +++ b/docs/howto/lets-encrypt-certificate.md @@ -17,9 +17,11 @@ In this tutorial we'll focus on `HTTP-01` challenge type and make the following - we need a TLS certificate for the `sftpgo.com` domain - we have an existing web server already running on port `80` for the `sftpgo.com` domain and the web root path is `/var/www/sftpgo.com` +## Overview + - [Obtaining a certificate using the Lego CLI tool](#Obtaining-a-certificate-using-the-Lego-CLI-tool) - [Automatic certificate renewal using the Lego CLI tool](#Automatic-certificate-renewal-using-the-Lego-CLI-tool) -- [## Obtaining a certificate using the ACME protocol built into SFTPGo](#Obtaining-a-certificate-using-the-ACME-protocol-built-into-SFTPGo) +- [Obtaining a certificate using the ACME protocol built into SFTPGo](#Obtaining-a-certificate-using-the-ACME-protocol-built-into-SFTPGo) - [Enable HTTPS for SFTPGo Web UI and REST API](#Enable-HTTPS-for-SFTPGo-Web-UI-and-REST-API) - [Enable HTTPS for WebDAV service](#Enable-HTTPS-for-WebDAV-service) - [Enable explicit FTP over TLS](#Enable-explicit-FTP-over-TLS) @@ -139,13 +141,13 @@ Open the SFTPGo configuration file, search for the `acme` section and change it Make sure that the `sftpgo` user can write to the `/var/www/sftpgo.com` directory or pre-create the `/var/www/sftpgo.com/.well-known/acme-challenge` directory with the appropriate permissions. This directory must be publicly served by your web server. -Register your account and obtain the certificates with the following command. +Register your account and obtain certificates by running the following command as the root user. ```bash -sftpgo acme run -c /etc/sftpgo +su - sftpgo -s /bin/bash -c 'sftpgo acme run -c /etc/sftpgo' ``` -If this command completes successfully, you are done. The SFTPGo service will take care of the automatic renewal of certificates for the configured domains. +If this command completes successfully, you are done. The SFTPGo service will take care of the automatic renewal of certificates for the configured domains. Make sure that the `sftpgo` system user can read and write to `/var/lib/sftpgo/certs` directory otherwise the certificate renewal will fail. ## Enable HTTPS for SFTPGo Web UI and REST API diff --git a/tests/ipfilter/go.mod b/tests/ipfilter/go.mod index 88421347..e4e5c8b9 100644 --- a/tests/ipfilter/go.mod +++ b/tests/ipfilter/go.mod @@ -22,4 +22,5 @@ require ( google.golang.org/genproto v0.0.0-20220526192754-51939a95c655 // indirect google.golang.org/grpc v1.46.2 // indirect google.golang.org/protobuf v1.28.0 // indirect + gopkg.in/yaml.v3 v3.0.0 // indirect ) diff --git a/tests/ipfilter/go.sum b/tests/ipfilter/go.sum index 2872e308..897b0181 100644 --- a/tests/ipfilter/go.sum +++ b/tests/ipfilter/go.sum @@ -169,7 +169,8 @@ google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA= +gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=