Improve formatting of config files.

2 files changed, 27 insertions, 5 deletions

diff --git a/config/lacme-certs.conf b/config/lacme-certs.conf
index 45c46a8..12fcd54 100644
--- a/config/lacme-certs.conf
+++ b/config/lacme-certs.conf
@@ -1,50 +1,62 @@
-# Each non-default section denotes a separate certificate issuance.
-# Options in the default section apply to each sections.
+# Each non-default section refer to separate certificate issuance
+# requests. Options in the default section apply to each sections.
 
 # Message digest to sign the Certificate Signing Request with.
+#
 #hash = sha512
 
 # Comma-separated list of Key Usages, see x509v3_config(5ssl).
+#
 #keyUsage = digitalSignature, keyEncipherment
 
 
 #[www]
 
 # Path the service's private key.  This option is required.
+#
 #certificate-key = /etc/nginx/ssl/srv.key
 
 # Where to store the issued certificate (in PEM format).
+#
 #certificate = /etc/nginx/ssl/srv.pem
 
 # Where to store the issued certificate, concatenated with the content
 # of the file specified specified with the CAfile option (in PEM format).
+#
 #certificate-chain = /etc/nginx/ssl/srv.chain.pem
 
 # For an existing certificate, the minimum number of days before its
 # expiration date the section is considered for re-issuance.
+#
 #min-days = 10
 
 # Path to the issuer's certificate.  This is used for certificate-chain
 # and to verify the validity of each issued certificate.  Specifying an
 # empty value skip certificate validation.
+#
 #CAfile = /usr/share/lacme/lets-encrypt-x3-cross-signed.pem
 
 # Subject field of the Certificate Signing Request.  This option is
 # required.
+#
 #subject = /CN=example.org
 
 # Comma-separated list of Subject Alternative Names.
+#
 #subjectAltName = DNS:example.org,DNS:www.example.org
 
 # username[:groupname] to chown the issued certificate and
 # certificate-chain with.
+#
 #chown = root:root
 
 # Octal mode to chmod the issued certificate and certificate-chain with.
+#
 #chmod = 0644
 
 # Command to pass the the system's command shell ("/bin/sh -c") after
 # successful installation of the certificate and/or certificate-chain.
+#
 #notify = /bin/systemctl reload nginx
 
 
diff --git a/config/lacme.conf b/config/lacme.conf
index a52689a..08afeb4 100644
--- a/config/lacme.conf
+++ b/config/lacme.conf
@@ -3,7 +3,9 @@
 #
 #config-certs = /etc/lacme/lacme-certs.conf
 
+
 [client]
+
 # The value of "socket" specifies the path to the lacme-accountd(1)
 # UNIX-domain socket to connect to for signature requests from the ACME
 # client.  lacme(1) aborts if the socket is readable or writable by
@@ -30,6 +32,7 @@
 #group = nogroup
 
 # Path to the ACME client executable.
+#
 #command = /usr/lib/lacme/client
 
 # Root URI of the ACME server.  NOTE: Use the staging server for testing
@@ -44,12 +47,15 @@
 #timeout = 10
 
 # Whether to verify the server certificate chain.
+#
 #SSL_verify = yes
 
 # Specify the version of the SSL protocol used to transmit data.
+#
 #SSL_version = SSLv23:!TLSv1_1:!TLSv1:!SSLv3:!SSLv2
 
 # Specify the cipher list for the connection.
+#
 #SSL_cipher_list = EECDH+AESGCM:!MEDIUM:!LOW:!EXP:!aNULL:!eNULL
 
 
@@ -88,10 +94,10 @@
 #iptables = Yes
 
 
-# lacme-accound(1) section.  Comment out the following section to make
-# lacme(1) connect to an existing UNIX-domain socket bound by a running
-# acme-accountd(1) process.
 [accountd]
+# lacme-accound(1) section.  Comment out this section (including its
+# header) to make lacme(1) connect to an existing UNIX-domain socket
+# bound by a running acme-accountd(1) process.
 
 # username to drop privileges to (setting both effective and real uid).
 # Preserve root privileges if the value is empty.
@@ -105,16 +111,20 @@
 #group = root
 
 # Path to the lacme-accountd(1) executable.
+#
 #command = /usr/bin/lacme-accountd
 
 # Path to the lacme-accountd(1) configuration file.
+#
 #config = /etc/lacme/lacme-accountd.conf
 
 # The (private) account key to use for signing requests.  See
 # lacme-accountd(1) for details.
+#
 #privkey = file:/path/to/account.key
 
 # Be quiet.
+#
 #quiet = Yes
 
 ; vim:ft=dosini