Configure
LeGo Certhub has a config.yaml file to set various operational parameters. This page details each parameter's name and functionality. A lot of similar information is contained with in the config.default.yaml.
hostname
hostname sets the name of the host that LeGo will bind to. This should be a hostname and not an ip address due to ssl needs, but an ip address will technically work to get the server started.
https_port & http_port
These ports specify the port number to bind the LeGo server to. This is both the API backend as well as the frontend (if the backend is serving the frontend).
enable_http_redirect
If this is true, when the server is running on https, an additional server will be started on http to redirect to https.
log_level
Self-explanatory log level. This applies to both console and file logging.
serve_frontend
If true, LeGo server will also host the frontend. That is, on the API endpoint server there will be a path /app that will serve the UI. Generally this should be true unless you are doing advanced configuration.
private_key_name & certificate_name
These define the key and certificate pair names that LeGo will use to run in https mode.
dev_mode
Enabled debug logging and some other minor tweaks to how the server operates. Generally only use this if you are trying to troubleshoot something. Do not leave this on in production.
orders
This section contains options the change how automatic refreshing of certificates functions.
auto_order_enable
Generally should always be true. This makes the server automatically place new orders when old orders are aging out.
valid_remaining_days_threshold
The number of remaining valid days on a certificate before the server places a new order for that certificate.
refresh_time_hour & refresh_time_minute
The time the daily refresh task should run.
challenges
This section contains options relating to how challenges are solved.
dns_checker: dns_services: primary_ip & secondary_ip
This array defines the DNS servers that LeGo will use to check for DNS propagation when using a dns challenge solving method. Only a primary_ip is necessary but if a particular provider has a secondary that can also be specified.
providers
This section has various options to configure different providers. See the config.default.yaml for more details.