[doc] eletsencrypt escript documentation

gbour · Feb 7, 2017 · 581f6c5 · 581f6c5
1 parent 7425f77
commit 581f6c5
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -69,6 +69,21 @@ Both **/path/to/webroot** and **/path/to/certs** MUST be writtable by the erlang
   So letsencrypt-erlang is writing challenge file under **/path/to/webroot** directory.
   Finally, keys and certificates are written in **/path/to/certs** directory.
 
+## Escript
+
+**bin/eletsencrypt** escript allows certificates management without any lines of Erlang.
+Configuration is defined in etc/eletsencrypt.yml
+
+Options:
+ * **-h|--help**: show help
+ * **-l|--list**: list certificates informations
+   * **-s|--short**: along with *-l*, display informations in short form
+ * **-r|--renew**: renew expired certificates
+ * **-f|--force**: along with *-r*, force certificates renewal even if not expired
+ * **-c|--config CONFIG-FILE**: use *CONFIG-FILE* configuration instead of default one
+
+Optionally, you can provide the domain you want to apply options as parameter
+
 
 ## API
 NOTE: if _optional_ is not written, parameter is required

diff --git a/etc/eletsencrypt.yml b/etc/eletsencrypt.yml
@@ -1,17 +1,32 @@
 
 general:
-    # in days
+    # in days. Certificates will be renewed when their expiration date will be less than 5 days in the
+    # future
     renew_threshold: 5
 
 domains:
+    # list your domains to manage
     my.domain.tld:
+          # path to store private key and certificate file. MUST exist and be writable
         - path: /path/to/certificate
+          # mode to renew certificate
+          # . standalone : eletsencrypt is starting his own webserver on *port* port
+          # . webroot    : you already have a running webserver
           mode: standalone
           # either http-01 or tls-sni-01
           challenge: http-01
           # issue certificate on LE staging platform (default is false)
           staging: true
+          # only with *standalone* mode. Port to listen certificate validation requests
           port: 8000
+          # only with *webroot* mode. Path to store certificate validation file
+          # webroot: /path/to/webroot
+          #
+          # once certificate is renewed, reload web server configuration
+          # currently only supports *systemd* engine
+          # on_success:
+          #     - engine: systemd
+          #       unit: nginx
 
     other.domain:
         - path: /path/to/certificate