| /2023-05-02 |
Contents
wk.qmail.jp での操作
# certbot certonly --manual --preferred-challenges dns-01 -d qmail.jp
Saving debug log to /var/log/letsencrypt/letsencrypt.log Renewing an existing certificate for qmail.jp - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Please deploy a DNS TXT record under the name: _acme-challenge.qmail.jp. with the following value: IEeA1Ax3Bv3EXCAeJp31XojQQm_GFWV_Cp9x899h7Ls Before continuing, verify the TXT record has been deployed. Depending on the DNS provider, this may take some time, from a few seconds to multiple minutes. You can check if it has finished deploying with aid of online tools, such as the Google Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.qmail.jp. Look for one or more bolded line(s) below the line ';ANSWER'. It should show the value(s) you've just added. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Press Enter to Continue Successfully received certificate. Certificate is saved at: /etc/letsencrypt/live/qmail.jp/fullchain.pem Key is saved at: /etc/letsencrypt/live/qmail.jp/privkey.pem This certificate expires on 2024-04-23. These files will be updated when the certificate renews. NEXT STEPS: - This certificate will not be renewed automatically. Autorenewal of --manual certificates requires the use of an authentication hook script (--manual-auth-hook) but one was not provided. To renew this certificate, repeat this same certbot command before the certificate's expiry date.
あとは
nginx -s reload
1. history
DNS txt に入れる。(集約のため)
# vi letxt root@157-7-113-173:/home/tmaeno/dnsdata# cat letxt 'txt.tmaeno.com:IEeA1Ax3Bv3EXCAeJp31XojQQm_GFWV_Cp9x899h7Ls root@157-7-113-173:/home/tmaeno/dnsdata# make cat base cname txt0 letxt tmaeno nerima > /service/tinydns/root/qmailjp (cd /service/tinydns/root; make) make[1]: Entering directory '/home/tinydns/root' cat localdomain data0 > data /usr/local/bin/tinydns-data make[1]: Leaving directory '/home/tinydns/root'