From 32a2b92f14f855432bf6934643ec83355c6e87fd Mon Sep 17 00:00:00 2001
From: Samuel ORTION <samuel.ortion@orange.fr>
Date: Wed, 17 Aug 2022 09:18:35 +0200
Subject: [PATCH] Add dehydrated ssl certificate documentation

---
 INSTALL.md | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/INSTALL.md b/INSTALL.md
index 1deb2f6..ef44c87 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -140,5 +140,59 @@ sudo npm install -g yarn
 yarn build
 ```
 
+## Setup https certificates with dehydrated (only for public instances)
 
+```bash
+sudo apt-get install dehydrated
+```
 
+Edit `/etc/dehydrated/domains.txt` and add your domain name.
+
+```bash
+sudo vim /etc/dehydrated/domains.txt
+```
+
+Add acme-challenges alias to your nginx config:
+
+```bash
+server {
+    [...]
+
+    location /.well-known/acme-challenge {
+        alias /var/www/html/.well-known/acme-challenge;
+        allow all;
+    }
+}
+```
+
+Create acme-challenge directory:
+```bash
+sudo mkdir -p /var/www/html/.well-known/acme-challenge
+```
+Adapt `/etc/dehydrated/config`, by adding this folder to the `WELLKNOWN` path:
+
+```bash
+WELLKNOWN = "/var/www/html/.well-known/acme-challenge"
+```
+
+Register to certificate issuer and accept conditions and terms:
+
+```bash
+dehydrated --register --accept-terms
+```
+
+Generate certificates:
+```bash
+dehydrated -c
+```
+
+Add dehydrated cron
+```bash
+sudo crontab -e
+```
+
+```bash
+00 00 01 * * dehydrated -c
+```
+
+(This updates the certicates every first day of the month, feel free to adapt to your needs.)