feat: 指定 cert 和 key, 而不是自动获取

[iugo]

支持自定义的难度不高, 但适用性可能更广:

两种可选方式:

1. 从环境变量中获取 path.
2. 从参数中获取 path. 比如 --plugin-opts "host=example.com;keypath=;certpath="

我在实际使用中, 使用同一个 非 root 帐号, 出现 Error: Permission denied (os error 13).

将 key 文件该为 rw 还是不行.

---

代码中有写会从环境变量中获取插件参数, 除了 acme_host 还支持 cert 和 key:

qtun/src/server.rs

Lines 70 to 84 in b7d0ce5

	// parse environment variables
	if let Ok((ss_local_addr, ss_remote_addr, ss_plugin_opts)) = args::parse_env() {
	relay_addr = ss_local_addr;
	listen_addr = ss_remote_addr;
	if let Some(cert) = ss_plugin_opts.get("cert") {
	cert_path = PathBuf::from(cert);
	}
	if let Some(key) = ss_plugin_opts.get("key") {
	key_path = PathBuf::from(key);
	}
	if let Some(host) = ss_plugin_opts.get("acme_host") {
	acme_host = Some(host.clone());
	}
	}

我尝试在 插件参数中 写 cert=/certpath, 没有起到作用. 可能是因为这个参数会在

qtun/src/server.rs

Line 87 in b7d0ce5

key_path = PathBuf::new();

处被覆盖.

也许 #8 有所帮助.

[madeye]

Don't specify acme host, if you want to set TLS cert keys and certs manually.

[iugo]

Don't specify acme host, if you want to set TLS cert keys and certs manually.

Only cert and key is available. But still got Error: Permission denied (os error 13).

After using the root account, it works fine.