Update TLS instructions

docs/administrator_documentation/installation_docs/debian.md

@@ -362,24 +362,36 @@ grep '${' /etc/nginx/sites-enabled/funkwhale.conf
 
 To enable your users to connect to your pod securely, you need to set up {abbr}`TLS (Transport Layer Security)`. To do this, we recommend using the <acme.sh> script.
 
-1. Download and run `acme.sh`. Replace `my@example.com` with your email address.
+1. Log in as the superuser account to run these commands.
+
+   ```{code} bash
+   su
+   ```
+
+2. Create the `/etc/certs` folder to store the certificates.
+
+   ```{code} bash
+   mkdir /etc/certs
+   ```
+
+3. Download and run `acme.sh`. Replace `my@example.com` with your email address.
 
    ```{code} bash
    curl https://get.acme.sh | sh -s email=my@example.com
    ```
 
-2. Generate a certificate. Replace `example.com` with your Funkwhale pod name.
+4. Generate a certificate. Replace `example.com` with your Funkwhale pod name. Use `/srv/funkwhale/front` as your web root folder.
 
    ```{code} bash
-   acme.sh --issue -d example.com -w /home/funkwhale/public_html
+   acme.sh --issue -d example.com -w /srv/funkwhale/front
    ```
 
-3. Install the certificate to your Nginx config. Replace `example.com` with your Funkwhale pod name.
+5. Install the certificate to your Nginx config. Replace `example.com` with your Funkwhale pod name.
 
    ```{code} bash
    acme.sh --install-cert -d example.com \
-   --key-file       /path/to/keyfile/in/nginx/key.pem  \
+   --key-file       /etc/certs/key.pem  \
-   --fullchain-file /path/to/fullchain/nginx/cert.pem \
+   --fullchain-file /etc/certs/cert.pem \
    --reloadcmd     "service nginx force-reload"
    ```
 

docs/administrator_documentation/installation_docs/docker.md

@@ -203,24 +203,36 @@ grep '${' /etc/nginx/sites-enabled/funkwhale.conf
 
 To enable your users to connect to your pod securely, you need to set up {abbr}`TLS (Transport Layer Security)`. To do this, we recommend using the <acme.sh> script.
 
-1. Download and run `acme.sh`. Replace `my@example.com` with your email address.
+1. Log in as the superuser account to run these commands.
+
+   ```{code} bash
+   su
+   ```
+
+2. Create the `/etc/certs` folder to store the certificates.
+
+   ```{code} bash
+   mkdir /etc/certs
+   ```
+
+3. Download and run `acme.sh`. Replace `my@example.com` with your email address.
 
    ```{code} bash
    curl https://get.acme.sh | sh -s email=my@example.com
    ```
 
-2. Generate a certificate. Replace `example.com` with your Funkwhale pod name.
+4. Generate a certificate. Replace `example.com` with your Funkwhale pod name. Use `/srv/funkwhale/front` as your web root folder.
 
    ```{code} bash
-   acme.sh --issue -d example.com -w /home/funkwhale/public_html
+   acme.sh --issue -d example.com -w /srv/funkwhale/front
    ```
 
-3. Install the certificate to your Nginx config. Replace `example.com` with your Funkwhale pod name.
+5. Install the certificate to your Nginx config. Replace `example.com` with your Funkwhale pod name.
 
    ```{code} bash
    acme.sh --install-cert -d example.com \
-   --key-file       /path/to/keyfile/in/nginx/key.pem  \
+   --key-file       /etc/certs/key.pem  \
-   --fullchain-file /path/to/fullchain/nginx/cert.pem \
+   --fullchain-file /etc/certs/cert.pem \
    --reloadcmd     "service nginx force-reload"
    ```