26 lines
1.0 KiB
TypeScript
26 lines
1.0 KiB
TypeScript
|
/**
|
||
|
|
* ACME configuration for automated TLS certificate issuance via Let's Encrypt.
|
||
|
|
*
|
||
|
|
* Persisted as a singleton `AcmeConfigDoc` in the DcRouterDb. Replaces the
|
||
|
|
* legacy constructor fields `tls.contactEmail` / `smartProxyConfig.acme.*`
|
||
|
|
* which are now seed-only (used once on first boot if the DB is empty).
|
||
|
|
*
|
||
|
|
* Managed via the OpsServer UI at **Domains > Certificates > Settings**.
|
||
|
|
*/
|
||
|
|
export interface IAcmeConfig {
|
||
|
|
/** Contact email used for Let's Encrypt account registration. */
|
||
|
|
accountEmail: string;
|
||
|
|
/** Whether ACME is enabled. If false, no certs are issued via ACME. */
|
||
|
|
enabled: boolean;
|
||
|
|
/** True = Let's Encrypt production, false = staging. */
|
||
|
|
useProduction: boolean;
|
||
|
|
/** Whether to automatically renew certs before expiry. */
|
||
|
|
autoRenew: boolean;
|
||
|
|
/** Renew when a cert has fewer than this many days of validity left. */
|
||
|
|
renewThresholdDays: number;
|
||
|
|
/** Unix ms timestamp of last config change. */
|
||
|
|
updatedAt: number;
|
||
|
|
/** Who last updated the config (userId or 'seed' / 'system'). */
|
||
|
|
updatedBy: string;
|
||
|
|
}
|