Update certbot-config.md

caprover · Aug 18, 2024 · ce6a45b · ce6a45b
1 parent a157094
commit ce6a45b
Showing 1 changed file with 18 additions and 11 deletions.
diff --git a/docs/certbot-config.md b/docs/certbot-config.md
@@ -8,11 +8,13 @@ sidebar_label: Certbot Overrides
 ### NOTE:
 Most (almost all) users do not need to modify Certbot configs. CapRover automatically manages it for you. You should skip this page!
 
+<br/>
+
 ## Customize Certbot command to use DNS-01 challenge
 
 As of CapRover 1.12.0, you're able to customize the command that Certbot uses to generate SSL certificates. By default, CapRover uses the following command:
 ```bash
-certbot certonly --webroot -w ${webroot} -d ${domainName}'
+certbot certonly --webroot -w ${webroot} -d ${domainName}
 ```
 which works via HTTP-01 challenge. In this mode, Certbot will verify the ownership of your domain by sending a request to `http://<YOUR_DOMAIN>/.well-known/acme-challenge/<TOKEN>` where the content of <TOKEN> is generated by Certbot. 
 
@@ -22,7 +24,7 @@ This challenge works fine for most users, but you can optionally use a different
 The default Certbot Docker image does not include the [3rd party plugins](https://hub.docker.com/r/certbot/certbot). You need to build a custom image:
 
 For example, for Cloudflare:
-```
+```Dockerfile
 # Change this to any other base image listed here: https://hub.docker.com/r/certbot/certbot
 BASE_IMAGE="certbot/dns-cloudflare"  
 
@@ -43,17 +45,17 @@ mkdir /captain/data/letencrypt/etc/captain-files
 nano mycreds.ini
 ```
 Then enter your DNS credentials. For example, for Cloudflare DNS, you can use:
-```ini
+```text
 # Cloudflare API token used by Certbot
 dns_cloudflare_api_token = 0123456789abcdef0123456789abcdef01234567
 ```
 See details [here](https://eff-certbot.readthedocs.io/en/stable/using.html#dns-plugins)
 
 
-### Override the Certbot command
+### 3) Override the Certbot command
 
 Edit `/captain/data/config-override.json` by running:
-```
+```bash
 nano /captain/data/config-override.json
 ```
 
@@ -72,16 +74,21 @@ Then enter the following blob. Make sure to replace `your/repo:certbot-sleeping`
 }
 ```
 
-### Restart CapRover
+### 4) Restart CapRover
 
-```
+```bash
 docker service update captain-captain --force
 ```
 
+Now, when you ask CapRover to generate an SSL certificate, it uses the DNS challenge. 
+
+<br/>
+<br/>
+<br/>
 
 ## Configure Certbot to use a new ACME Server
 
-### First step
+### 1) Create config file
 
 Normally, the directory `/captain/data/letsencrypt/etc` should contain the volume used by Certbot,
 to configure Certbot, add a `cli.ini` file in this directory:
@@ -90,7 +97,7 @@ $ cd /captain/data/letsencrypt/etc/
 $ nano cli.ini
 ```
 
-### Configure the right things
+### 2) Configure the values
 
 We will take as an example ZeroSSL's ACME server to guide you over the steps needed to make Certbot work correctly with it,
 
@@ -107,7 +114,7 @@ eab-kid = some-short-string
 eab-hmac-key = a-big-key
 ```
 
-### Restart certbot
+### 3) Restart Certbot
 
 Then to apply our changes we need to update Certbot's service:
 ```
@@ -116,7 +123,7 @@ $ docker service update captain-certbot
 
 And you're done !
 
-### CAA Record
+### 4) CAA Record
 
 Remember to add a CAA record in your DNS to avoid any problem when generating SSL certs