Замена nvme накопителя из программного зеркала на базе ZFS.
Предварительная подготовка
apt install -y jq
Регистрация
curl -sX POST https://auth.acme-dns.io/register | jq >> /data/acme-registration.json nano /data/acme-registration.json
Настройка кластера
Создаем аккаунт
Иногда нужно дополнительно указывать —directory
Рабочие варианты
- https://acme-v02.api.letsencrypt.org/directory
- https://acme.sectigo.com/v2/InCommonECCOV
pvenode acme account register default ssl@pve.notdev.ru
#Directory endpoints: #0) Let's Encrypt V2 (https://acme-v02.api.letsencrypt.org/directory) #1) Let's Encrypt V2 Staging (https://acme-staging-v02.api.letsencrypt.org/directory) #2) Custom #Enter selection: 0 #Attempting to fetch Terms of Service from 'https://acme-v02.api.letsencrypt.org/directory'.. #Terms of Service: https://letsencrypt.org/documents/LE-SA-v1.5-February-24-2025.pdf #Do you agree to the above terms? [y|N]: y # #Attempting to register account with 'https://acme-v02.api.letsencrypt.org/directory'.. #Generating ACME account key.. #Registering ACME account.. #Registration successful, account URL: 'https://acme-v02.api.letsencrypt.org/acme/acct/2416457517' #Task OK
Используя ранее полученную регистрацию формируем фаил ответов для плагина acme-dns
echo "ACMEDNS_BASE_URL=https://auth.acme-dns.io/" > /tmp/acmedns echo "ACMEDNS_PASSWORD=$(jq -r .password /data/acme-registration.json)" >> /tmp/acmedns echo "ACMEDNS_SUBDOMAIN=$(jq -r .subdomain /data/acme-registration.json)" >> /tmp/acmedns echo "ACMEDNS_USERNAME=$(jq -r .username /data/acme-registration.json)" >> /tmp/acmedns
Создаем CNAME записи на DNS fulldomain
jq -r .fulldomain /data/acme-registration.json
В конце каждой записи стоит точка «.«
_acme-challenge.pve.notdev.ru → c2345ff7-6c56-46d2-befc-a4b607402040.auth.acme-dns.io.
Проверка доступности DNS CNAME записи
dig -t CNAME _acme-challenge.pve.notdev.ru
#; <<>> DiG 9.20.15-1~deb13u1-Debian <<>> -t CNAME _acme-challenge.pve.notdev.ru
#;; global options: +cmd
#;; Got answer:
#;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11623
#;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
#
#;; OPT PSEUDOSECTION:
#; EDNS: version: 0, flags:; udp: 4000
#;; QUESTION SECTION:
#;_acme-challenge.pve.notdev.ru. IN CNAME
#
#;; ANSWER SECTION:
#_acme-challenge.pve.notdev.ru. 0 IN CNAME c2345ff7-6c56-46d2-befc-a4b607402040.auth.acme-dns.io.
#
#;; Query time: 45 msec
#;; SERVER: 192.168.100.11#53(192.168.24.11) (UDP)
#;; WHEN: Thu Nov 06 12:48:51 +07 2025
#;; MSG SIZE rcvd: 128
Настройка ноды
pvenode acme plugin add dns acme-dns --api acmedns --data /tmp/acmedns pvenode config set -acmedomain0 domain=pve.notdev.ru,plugin=acme-dns pvenode acme cert order
Дополнительная информация
