open-infrastructure-service-tools/debian/open-infrastructure-dehydrated-tools.templates

Template: open-infrastructure-dehydrated-tools/title
Type: title
Description: dehydrated-tools: Setup

Template: open-infrastructure-dehydrated-tools/auto-cleanup
Type: boolean
Default: no
Description: dehydrated auto clean:
 Please select the Certificate Authority to use with dehydrated.
 .
 If unsure, use letsencrypt (default).

Template: open-infrastructure-dehydrated-tools/ca
Type: select
Choices: letsencrypt, letsencrypt-test, zerossl, buypass, buypass-test
Default: letsencrypt
Description: dehydrated Certificate Authority (CA):
 Please select the Certificate Authority to use with dehydrated.
 .
 If unsure, use letsencrypt (default).

Template: open-infrastructure-dehydrated-tools/challengetype
Type: select
Choices: dns-01, http-01
Default: http-01
Description: dehydrated Challenge Type:
 Please select the challenge type to use with dehydrated.
 .
 If unsure, use http-01 (default).

Template: open-infrastructure-dehydrated-tools/contact-email
Type: string
Default: 
Description: dehydrated Contact Email:
 Please select an optional contact email address for notifications of your CA.
 .
 If unsure, leave empty (default).

Template: open-infrastructure-dehydrated-tools/key-algo
Type: select
Choices: prime256v1, rsa, secp384r1
Default: secp384r1
Description: dehydrated key algorithm:
 Please select the key algorithm to use.
 .
 If unsure, use 'secp384r1' (default).

Template: open-infrastructure-dehydrated-tools/ocsp-fetch
Type: boolean
Default: false
Description: dehydrated OCSP fetch:
 Should dehydrated automatically fetch the OCSP signature?
 .
 If unsure, use 'no' (default).

Template: open-infrastructure-dehydrated-tools/ocsp-must-staple
Type: boolean
Default: false
Description: dehydrated OCSP must staple:
 Should dehydrated request certificates that must use OCSP stapling?
 .
 If unsure, use 'no' (default).

Template: open-infrastructure-dehydrated-tools/preferred-chain
Type: string
Default: 
Description: dehydrated preferred chain:
 Should an alternative root certificate by used in the certificat verification chain?
 .
 If unsure, leave empty.

Template: open-infrastructure-dehydrated-tools/basedir
Type: string
Default: 
Description: dehydrated base directory:
 Please enter the base directory where all the certificates are stored.
 .
 If unsure, use /var/lib/dehydrated (default).

Template: open-infrastructure-dehydrated-tools/hooks
Type: multiselect
Choices: ${HOOKS_CHOICES}
Default: 
Description: dehydrated hooks:
 Please select any hooks that should be enabled for dehydrated.

Template: open-infrastructure-dehydrated-tools/domains
Type: string
Default: 
Description: dehydrated domains:
 Please enter the domains to be configured for dehydrated.
 .
 If unsure, leave empty (default) which will use the hostname
 of the system. Use 'none' to not generate any certificates.
 .
 Multiple certificates can be separated by '|', additional
 names (SAN) can are whitespace separated.

Template: open-infrastructure-dehydrated-tools/tsig
Type: string
Default: 
Description: dehydrated TSIG:
 When using the dehydrated-nsupdate hook, a TSIG can be used. If you like
 to do so, please enter either the path to the TSIG file or the TSIG string
 itself (format as used by nsupdate -y in algorithm:name:base64).
 .
 If unsure, leave empty (default).

Template: open-infrastructure-dehydrated-tools/register
Type: boolean
Default: false
Description: dehydrated register:
 Should a 'dehydrated --register --accept-terms' be executed now to create
 an account for this system with your CA.

Template: open-infrastructure-dehydrated-tools/run
Type: boolean
Default: false
Description: dehydrated:
 Should a 'dehydrated --cron --keep-going' be executed now to renew
 non-existent/changed/expiring certificates for this system.