From dbe58793c52cdaf260c9b0c7f9a3772af12d0d25 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sara=20Aim=C3=A9e=20Smiseth?= <51710585+SaraSmiseth@users.noreply.github.com> Date: Wed, 3 Jun 2020 16:23:12 +0200 Subject: [PATCH] README cert folder structure --- readme.md | 38 ++++++++++++++++++++++++++------------ 1 file changed, 26 insertions(+), 12 deletions(-) diff --git a/readme.md b/readme.md index 1e6e78c..e963dcb 100644 --- a/readme.md +++ b/readme.md @@ -107,7 +107,21 @@ Which defaults to ```cert/domain.tld/fullchain.pem``` and ```cert/domain.tld/pri An example certificate folder structure could look like this: -TODO +``` zsh +certs +├── conference.domain.tld +│   ├── fullchain.pem +│   └── privkey.pem +├── proxy.domain.tld +│   ├── fullchain.pem +│   └── privkey.pem +├── upload.domain.tld +│   ├── fullchain.pem +│   └── privkey.pem +└── domain.tld + ├── fullchain.pem + └── privkey.pem +``` Thats how Let's encrypt certbot does it out of the box. @@ -155,17 +169,17 @@ Inspect logs: ```docker-compose logs -f```. #### Environment variables -| Variable | Description | Type | Default value | -| -------- | ----------- | ---- | ------------- | -| **ALLOW_REGISTRATION** | Whether to allow registration of new accounts via Jabber clients | *optional* | true -| **DOMAIN** | domain | **required** | null -| **DOMAIN_HTTP_UPLOAD** | Domain which lets clients upload files over HTTP | *optional* | upload.**DOMAIN** -| **DOMAIN_MUC** | Domain for Multi-user chat (MUC) for allowing you to create hosted chatrooms/conferences for XMPP users | *optional* | conference.**DOMAIN** -| **DOMAIN_PROXY** | Domain for SOCKS5 bytestream proxy for server-proxied file transfers | *optional* | proxy.**DOMAIN** -| **LOG_LEVEL** | Min log level. Change to debug for more information | *optional* | info -| **C2S_REQUIRE_ENCRYPTION** | Whether to force all client-to-server connections to be encrypted or not | *optional* | true -| **S2S_REQUIRE_ENCRYPTION** | Whether to force all server-to-server connections to be encrypted or not | *optional* | true -| **S2S_SECURE_AUTH** | Require encryption and certificate authentication | *optional* | true +| Variable | Description | Type | Default value | +| -------------------------- | ------------------------------------------------------------------------------------------------------- | ------------ | --------------------- | +| **ALLOW_REGISTRATION** | Whether to allow registration of new accounts via Jabber clients | *optional* | true | +| **DOMAIN** | domain | **required** | null | +| **DOMAIN_HTTP_UPLOAD** | Domain which lets clients upload files over HTTP | *optional* | upload.**DOMAIN** | +| **DOMAIN_MUC** | Domain for Multi-user chat (MUC) for allowing you to create hosted chatrooms/conferences for XMPP users | *optional* | conference.**DOMAIN** | +| **DOMAIN_PROXY** | Domain for SOCKS5 bytestream proxy for server-proxied file transfers | *optional* | proxy.**DOMAIN** | +| **LOG_LEVEL** | Min log level. Change to debug for more information | *optional* | info | +| **C2S_REQUIRE_ENCRYPTION** | Whether to force all client-to-server connections to be encrypted or not | *optional* | true | +| **S2S_REQUIRE_ENCRYPTION** | Whether to force all server-to-server connections to be encrypted or not | *optional* | true | +| **S2S_SECURE_AUTH** | Require encryption and certificate authentication | *optional* | true | #### DNS