updated some post-install task writing, re-worked gencerts.sh entirely to use openSSL configuration files and V3 extensions for the certs.
This commit is contained in:
21
deploy.sh
21
deploy.sh
@@ -1058,6 +1058,8 @@ TP-LINK ROUTERS:
|
||||
use $publicip if you are forwarding port 53, or $localip if not.
|
||||
if you use $localip, the device will not have DNS outside of your local network.
|
||||
|
||||
based on your configuration, you should probably use $dns_ip
|
||||
|
||||
you only need to do this for devices that have a static ip address, devices that get their ip assigned via DHCP (which is default for most devices, especially wireless ones) get their DNS address from the router.
|
||||
|
||||
WINDOWS:
|
||||
@@ -1065,7 +1067,7 @@ WINDOWS:
|
||||
1. Open Network Settings (Win+I > Network & Internet)
|
||||
2. Select your connection (Wi-Fi/Ethernet)
|
||||
3. Click "Hardware properties" > "Edit" next to DNS
|
||||
4. Set manual DNS to $localip or $publicip
|
||||
4. Set manual DNS to $dns_ip
|
||||
5. Save changes
|
||||
|
||||
MACOS:
|
||||
@@ -1073,7 +1075,7 @@ MACOS:
|
||||
1. Open System Preferences > Network
|
||||
2. Select your connection
|
||||
3. Click "Advanced" > DNS tab
|
||||
4. Add $localip or $publicip to DNS servers
|
||||
4. Add $dns_ip to DNS servers
|
||||
5. Click "OK" > "Apply"
|
||||
|
||||
LINUX (NETWORK MANAGER):
|
||||
@@ -1082,7 +1084,7 @@ LINUX (NETWORK MANAGER):
|
||||
nm-connection-editor
|
||||
2. Select your connection
|
||||
3. Go to IPv4/IPv6 settings
|
||||
4. Set DNS to $localip or $publicip
|
||||
4. Set DNS to $dns_ip
|
||||
5. Save and restart connection
|
||||
|
||||
ANDROID:
|
||||
@@ -1091,14 +1093,14 @@ ANDROID:
|
||||
2. Long-press your network > Modify network
|
||||
3. Enable "Advanced options"
|
||||
4. Set IP to static
|
||||
5. Enter DNS as $localip or $publicip
|
||||
5. Enter DNS as $dns_ip
|
||||
|
||||
IOS:
|
||||
----
|
||||
1. Open Wi-Fi settings
|
||||
2. Tap (i) next to your network
|
||||
3. Configure DNS > Manual
|
||||
4. Add $localip or $publicip
|
||||
4. Add $dns_ip
|
||||
5. Save changes
|
||||
|
||||
EOF
|
||||
@@ -1219,6 +1221,15 @@ for the certificate key, use the wildcard.key file
|
||||
for the certificate, use the wildcard.crt file
|
||||
for the intermediate certificate, use the intermediate.crt file
|
||||
|
||||
after this, go to the Hosts > proxy hosts tab and go through each of the hosts
|
||||
|
||||
repeat for each host:
|
||||
>go to the SSL tab
|
||||
>select your certificate
|
||||
>enable force SSL
|
||||
in the case of owncloud you may also want to enable HTTP/2
|
||||
then hit save.
|
||||
|
||||
|
||||
because this certificate is not backed by a public certificate authority like letsencrypt, you have to manually trust the root cert on each device you want to use the cloud on, or deal with "certificate untrusted" warnings.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user