| config BR2_PACKAGE_DEHYDRATED | |
| bool "dehydrated" | |
| depends on BR2_USE_MMU # bash | |
| select BR2_PACKAGE_BASH | |
| select BR2_PACKAGE_BUSYBOX_SHOW_OTHERS # bash | |
| select BR2_PACKAGE_LIBCURL | |
| select BR2_PACKAGE_LIBCURL_CURL | |
| select BR2_PACKAGE_OPENSSL | |
| select BR2_PACKAGE_LIBOPENSSL_BIN if BR2_PACKAGE_LIBOPENSSL | |
| select BR2_PACKAGE_LIBRESSL_BIN if BR2_PACKAGE_LIBRESSL | |
| help | |
| Dehydrated is a client for signing certificates with an | |
| ACME-server (e.g. Let's Encrypt) implemented as a relatively | |
| simple (zsh-compatible) bash-script. This client supports | |
| both ACME v1 and the new ACME v2 including support for | |
| wildcard certificates! | |
| To use this script in Buildroot: | |
| - Create /etc/dehydrated/domains.txt | |
| - Make sure that "dehydrated -c" is called regularly, e.g. | |
| from cron. | |
| - Make sure /etc/dehydrated is writable. | |
| - Configure the webserver to export the WELLKNOWN directory | |
| (/var/www/dehydrated) as /.well-known/acme-challenge | |
| - Configure the webserver to use the certificates under | |
| /etc/dehydrated/certs/<domain> | |
| - Register a HOOK to reload the webserver after the | |
| certificates have been renewed. | |
| You probably need to install a custom /etc/dehydrated/config | |
| with the rootfs overlay. | |
| https://github.com/lukas2511/dehydrated |