Merge 7e6d66f into 1681de1

joohoi · Jan 8, 2020 · de977e8 · de977e8
2 parents 1681de1 + 7e6d66f
commit de977e8
Showing 1 changed file with 15 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -12,6 +12,8 @@ Acme-dns provides a simple API exclusively for TXT record updates and should be
 
 So basically it boils down to **accessibility** and **security**.
 
+For longer explanation of the underlying issue and other proposed solutions, see a blog post on the topic from EFF deeplinks blog: https://www.eff.org/deeplinks/2018/02/technical-deep-dive-securing-automation-acme-dns-challenge-validation
+
 ## Features
 - Simplified DNS server, serving your ACME DNS challenges (TXT)
 - Custom records (have your required A, AAAA, NS, etc. records served)
@@ -119,11 +121,20 @@ See the INSTALL section for information on how to do this.
 
 1) Install [Go 1.13 or newer](https://golang.org/doc/install).
 
-2) Install acme-dns: `go get github.com/joohoi/acme-dns/...`. This will install acme-dns to `~/go/bin/acme-dns`.
+2) Build acme-dns: 
+```
+git clone https://github.com/joohoi/acme-dns
+cd acme-dns
+export GOPATH=/tmp/acme-dns
+go build
+```
+
+3) Move the built acme-dns binary to a directory in your $PATH, for example:
+`sudo mv acme-dns /usr/local/bin`
 
-3) Edit config.cfg to suit your needs (see [configuration](#configuration)). `acme-dns` will read the configuration file from `/etc/acme-dns/config.cfg` or `./config.cfg`, or a location specified with the `-c` flag.
+4) Edit config.cfg to suit your needs (see [configuration](#configuration)). `acme-dns` will read the configuration file from `/etc/acme-dns/config.cfg` or `./config.cfg`, or a location specified with the `-c` flag.
 
-4) If your system has systemd, you can optionally install acme-dns as a service so that it will start on boot and be tracked by systemd. This also allows us to add the `CAP_NET_BIND_SERVICE` capability so that acme-dns can be run by a user other than root.
+5) If your system has systemd, you can optionally install acme-dns as a service so that it will start on boot and be tracked by systemd. This also allows us to add the `CAP_NET_BIND_SERVICE` capability so that acme-dns can be run by a user other than root.
 
     1) Make sure that you have moved the configuration file to `/etc/acme-dns/config.cfg` so that acme-dns can access it globally.
 
@@ -139,7 +150,7 @@ See the INSTALL section for information on how to do this.
 
     7) Run acme-dns: `sudo systemctl start acme-dns.service`.
 
-5) If you did not install the systemd service, run `acme-dns`. Please note that acme-dns needs to open a privileged port (53, domain), so it needs to be run with elevated privileges.
+6) If you did not install the systemd service, run `acme-dns`. Please note that acme-dns needs to open a privileged port (53, domain), so it needs to be run with elevated privileges.
 
 ### Using Docker