author: WouterTinus <wouter.tinus@gmail.com> 2019-08-25 14:31:55 +0200
committer: WouterTinus <wouter.tinus@gmail.com> 2019-08-25 14:31:55 +0200
commit: fbc25bd0036f3b8081e8c7aa2c11a7d0703f696f (patch)
tree: 8547e66f0c75ad029733c5461ba8336d75cd56bd /docs/reference
parent: 13a0fbf3870fa3686abc8a1ff435f66e503bb03f (diff)
dynamic link in include
Diffstat (limited to 'docs/reference')
-rw-r--r--  docs/reference/plugins/validation/dns/acme-dns.md    14
-rw-r--r--  docs/reference/plugins/validation/dns/azure.md       47
-rw-r--r--  docs/reference/plugins/validation/dns/dreamhost.md   13
-rw-r--r--  docs/reference/plugins/validation/dns/manual.md      11
-rw-r--r--  docs/reference/plugins/validation/dns/route53.md     17
-rw-r--r--  docs/reference/plugins/validation/dns/script.md      36
-rw-r--r--  docs/reference/plugins/validation/http/filesystem.md  2
-rw-r--r--  docs/reference/plugins/validation/http/ftps.md        2
-rw-r--r--  docs/reference/plugins/validation/http/sftp.md        2
-rw-r--r--  docs/reference/plugins/validation/http/webdav.md      2
10 files changed, 136 insertions, 10 deletions
diff --git a/docs/reference/plugins/validation/dns/acme-dns.md b/docs/reference/plugins/validation/dns/acme-dns.md
index 9cbb12c..9688fe7 100644
--- a/docs/reference/plugins/validation/dns/acme-dns.md
+++ b/docs/reference/plugins/validation/dns/acme-dns.md
@@ -1,3 +1,15 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# acme-dns
+Use an [acme-dns](https://github.com/joohoi/acme-dns) server to handle the validation records.
+The plugin will ask you to choose an endpoint to use. For testing the `https://auth.acme-dns.io/`
+endpoint is useful, but it is a security concern. As the readme of that project clearly states:
+"You are encouraged to run your own acme-dns instance."
+
+## Unattended
+Not supported, unless there is a pre-existing acme-dns registration for all the domains.
+The reason for this is that acme-dns requires you to create CNAME records. In the future this
+might be scripted the same way we can script DNS validation itself, but so far there hasn't been
+enough demand for that feature to make it worth developing. \ No newline at end of file
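Review bot: the Unattended section says the plugin does work unattended once an acme-dns registration exists for every domain, but unlike the other plugin pages in this patch it gives no command line, so a reader cannot tell which `--validation` value or endpoint parameter selects it; add the flag syntax for that case. The remark that `https://auth.acme-dns.io/` is "a security concern" would also be more useful if it said what the concern is: whoever operates the acme-dns server holds the records that prove control of the domain, which is why the quoted readme recommends running your own instance.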
diff --git a/docs/reference/plugins/validation/dns/azure.md b/docs/reference/plugins/validation/dns/azure.md
index 9cbb12c..6224367 100644
--- a/docs/reference/plugins/validation/dns/azure.md
+++ b/docs/reference/plugins/validation/dns/azure.md
@@ -1,3 +1,48 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# Azure DNS
+Create the record in Azure DNS.
+
+{% include validation-dns-seperate.md %}
+
+## Setup
+This assumes you already have your DNS managed in Azure; if not, you'll need to set that up first. If you are
+using the Azure DNS option for validation, you'll need to get certain info from your Azure Tenant, and create
+a service principal for Let's Encrypt to use (you'll only need to create on of these for your entire domain
+- it's basically an account that has authority to create DNS records).
+
+### Create Azure AD Service Principal Account
+Run the following commands in Powershell. You will need to install the AzureRM Powershell module first if
+you don't have it installed already.
+
+`Login-AzureRmAccount`
+`$sp = New-AzureRmADServicePrincipal -DisplayName LetsEncrypt -Password "SuperSecretPasswordGoesHere"`
+
+You can change the DisplayName to something else if you like, and you should certainly change the password.
+Keep a note of the password as you'll need it to set up the client in a minute.
+
+You then need to give this Service Principal access to change DNS entries. In the Azure Portal:
+* Go to `DNS Zones` > `sub.example.com` > `Access Control (IAM)`
+* Click `Add`
+* For Role, choose `DNS Zone Contributor`
+* Assign access to `Azure AD user, group, or application`
+* Select `LetsEncrypt` (or whatever you called your Service Principal above)
+* Click `Save`
+
+### Configuring the plugin
+* Run `wacs.exe`, and choose which site you want to secure.
+* At the section 'How you you like to validate this certificate' choose `Azure DNS`
+* For **Tenant ID**: in the Azure Portal: Azure Active Directory > Properties > Directory ID.
+* For **Client ID**: in the Azure Portal: Azure Active Directory > App registrations > LetsEncrypt (or whatever you called your Service Principal before), and find the Application ID.
+* For the **Secret**: enter the password you created before.
+* For the **DNS Subscription ID**: in the Azure Portal: DNS zones -> your.dns.zone.net -> Subscription ID
+* For the **DNS Resource Group Name**: the name of the Resource Group your DNS zone is in (you can find this in Azure Portal: DNS zones -> your.dns.zone.net -> Resource Group
+
+### Resources
+[How to: Use Azure PowerShell to create a service principal with a certificate](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-authenticate-service-principal-powershell)
+[DNS SDK](https://docs.microsoft.com/en-us/azure/dns/dns-sdk)
+
+## Unattended
+`--validationmode dns-01 --validation azure --azuretenantid x --azureclientid x --azuresecret *** --azuresubscriptionid x --azureresourcegroupname x` \ No newline at end of file
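Review bot: the service-principal password in `$sp = New-AzureRmADServicePrincipal -DisplayName LetsEncrypt -Password "SuperSecretPasswordGoesHere"` is typed in cleartext on the command line, so it ends up in the PowerShell history file; the text could point readers at a prompted SecureString instead of a literal. Smaller fixes in the same hunk: `create on of these` should be `create one of these`, `How you you like` should be `How would you like`, the **DNS Resource Group Name** bullet is missing its closing parenthesis, the two PowerShell commands would read better as one fenced code block than as two inline-code lines, and the include name `validation-dns-seperate.md` (also used by dreamhost.md and route53.md in this patch) is misspelled; if it is ever renamed to `separate`, rename it in every file that includes it in the same commit.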
diff --git a/docs/reference/plugins/validation/dns/dreamhost.md b/docs/reference/plugins/validation/dns/dreamhost.md
index 9cbb12c..1ff6fbe 100644
--- a/docs/reference/plugins/validation/dns/dreamhost.md
+++ b/docs/reference/plugins/validation/dns/dreamhost.md
@@ -1,3 +1,14 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# Dreamhost
+Update record for [Dreamhost](https://www.dreamhost.com/)
+
+{% include validation-dns-seperate.md %}
+
+## Setup
+Requires an API key
+
+## Unattended
+`--validation dreamhost --validationmode dns-01 --apikey x` \ No newline at end of file
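Review bot: `Requires an API key` in the Setup section is too thin to act on: say where the key is created and which Dreamhost API functions it must be granted, because a key with more rights than adding and removing the validation TXT record is a larger exposure if `--apikey x` ends up in a scheduled-task command line or shell history.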
diff --git a/docs/reference/plugins/validation/dns/manual.md b/docs/reference/plugins/validation/dns/manual.md
index 9cbb12c..2ab0dcd 100644
--- a/docs/reference/plugins/validation/dns/manual.md
+++ b/docs/reference/plugins/validation/dns/manual.md
@@ -1,3 +1,12 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# Manual
+The client will show the record that is supposed to be created on screen and it will have
+to be created manually by whatever means necessary. Obviously not good for unattended operation
+but it is a good way to get started as a proof of concept, before investing in further
+automation.
+
+## Unattended
+Not supported (obviously) \ No newline at end of file
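Review bot: the text says the record "is supposed to be created" but not what kind of record; stating that it is a TXT record whose name and value are the same `{RecordName}` and `{Token}` that script.md in this patch documents (e.g. `_acme-challenge.sub.example.com`) saves a round trip for someone creating it by hand, and if the client waits for confirmation before continuing with validation, say so here.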
diff --git a/docs/reference/plugins/validation/dns/route53.md b/docs/reference/plugins/validation/dns/route53.md
index 9cbb12c..17aa9a6 100644
--- a/docs/reference/plugins/validation/dns/route53.md
+++ b/docs/reference/plugins/validation/dns/route53.md
@@ -1,3 +1,18 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# Route 53
+Create the record in Amazon Route53
+
+{% include validation-dns-seperate.md %}
+
+## Setup
+This requires either a user or an IAM role with the following permissions on the zone:
+`route53:GetChange`, `route53:ListHostedZones` and`route53:ChangeResourceRecordSets`
+
+## Unattended
+User:
+`--validation route53 --validationmode dns-01 --route53accesskeyid x --route53secretaccesskey ***`
+IAM role:
+`--validation route53 --validationmode dns-01 --route53iamrole x` \ No newline at end of file
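Review bot: the Setup line is missing a space in `and`route53:ChangeResourceRecordSets``, and "on the zone" does not hold for all three actions: `route53:ListHostedZones` is not scoped to a hosted zone, so a least-privilege policy grants it on all resources while restricting `route53:ChangeResourceRecordSets` to the specific hosted zone ARN; showing that split would stop readers granting record changes account-wide. Minor: the heading says `Route 53` and the first line `Route53`.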
diff --git a/docs/reference/plugins/validation/dns/script.md b/docs/reference/plugins/validation/dns/script.md
index 9cbb12c..1846b08 100644
--- a/docs/reference/plugins/validation/dns/script.md
+++ b/docs/reference/plugins/validation/dns/script.md
@@ -1,3 +1,37 @@
---
sidebar: reference
---- \ No newline at end of file
+---
+
+# Script
+Run an external script or program to create or update the validation records.
+
+## Create
+A script to create the DNS record must be provided. The arguments passed to the
+script will be `create {Identifier} {RecordName} {Token}` by default, with:
+ - `create` - fixed value
+ - `{Identifier}` - host name that's being validated, e.g. `sub.example.com`
+ - `{RecordName}` - full name of the TXT record that is being expected, e.g. `_acme-challenge.sub.example.com`
+ - `{Token}` - content of the TXT record, e.g. `DGyRejmCefe7v4NfDGDKfA`
+
+The order and format of arguments may be customized by providing a diffent argument string.
+For example if your script needs arguments like `--host _acme-challenge.example.com --token DGyRejmCefe7v4NfDGDKfA`,
+your argument string should be `--host {RecordName} --token {Token}`
+
+## Delete
+Optionally, another script may be provided to delete the record after validation. The arguments passed to the
+script will be `delete {Identifier} {RecordName} {Token}` by default. The order and format of arguments may be
+customized by providing a diffent argument string, just like for the create script. You can also choose to use
+the same script for create and delete, with each their own argument string.
+
+## Resources
+A lot of good example scripts are available from the
+[POSH-ACME](https://github.com/rmbolger/Posh-ACME/tree/master/Posh-ACME/DnsPlugins)
+project.
+
+## Unattended
+Create script only:
+`-validationmode dns-01 --validation dnsscript --dnscreatescript c:\create.ps1 [--dnscreatescriptarguments {args}]`
+Create and delete scripts seperate:
+`-validationmode dns-01 --validation dnsscript --dnscreatescript c:\create.ps1 --dnsdeletescript c:\delete.ps1 [--dnscreatescriptarguments {args}] [--dnsdeletescriptarguments {args}]`
+Create and delete script (integrated):
+`-validationmode dns-01 --validation dnsscript --dnsscript c:\create-and-delete.ps1 [--dnscreatescriptarguments {args}] [--dnsdeletescriptarguments {args}]` \ No newline at end of file
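Review bot: the three Unattended examples start with `-validationmode dns-01` (single dash) while every other page in this patch writes `--validationmode`; if the parser expects the double-dash form, copy-pasting these lines fails. In the same hunk: `diffent` appears twice (should be `different`) and `seperate` should be `separate`. Since `{Token}` and `{RecordName}` are handed to the script as plain process arguments, the Create section could advise treating them as data (pass them quoted, do not interpolate them into a shell string), and the Delete section could note that without a delete script the validation TXT records remain in the zone after issuance.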
diff --git a/docs/reference/plugins/validation/http/filesystem.md b/docs/reference/plugins/validation/http/filesystem.md
index b5d61ca..4ae8996 100644
--- a/docs/reference/plugins/validation/http/filesystem.md
+++ b/docs/reference/plugins/validation/http/filesystem.md
@@ -5,7 +5,7 @@ sidebar: reference
# Filesystem
This plugin saves the validation challenge to a local path, which may of course also be a network path.
-{% include webconfig.md %}
+{% include validation-http-common.md %}
## Unattended
`--validation filesystem [--validationsiteid x] [--webroot c:\httpdocs\]` \ No newline at end of file
diff --git a/docs/reference/plugins/validation/http/ftps.md b/docs/reference/plugins/validation/http/ftps.md
index 4e2e430..01369a4 100644
--- a/docs/reference/plugins/validation/http/ftps.md
+++ b/docs/reference/plugins/validation/http/ftps.md
@@ -5,7 +5,7 @@ sidebar: reference
# FTP(S)
This plugin uploads the validation challenge to a (secure) FTP server.
-{% include webconfig.md %}
+{% include validation-http-common.md %}
## Unattended
`--validation ftp --webroot ftps://x/ --username admin --password ******` \ No newline at end of file
diff --git a/docs/reference/plugins/validation/http/sftp.md b/docs/reference/plugins/validation/http/sftp.md
index bb5e74a..ab565fe 100644
--- a/docs/reference/plugins/validation/http/sftp.md
+++ b/docs/reference/plugins/validation/http/sftp.md
@@ -5,7 +5,7 @@ sidebar: reference
# SFTP
This plugin uploads the validation challenge to a SSH FTP / SFTP server.
-{% include webconfig.md %}
+{% include validation-http-common.md %}
## Unattended
`--validation sftp --webroot ftps://x/ --username admin --password ******` \ No newline at end of file
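Review bot: the Unattended example uses `--webroot ftps://x/` for an SFTP server, apparently copied from ftps.md; the scheme should match what the SFTP plugin actually accepts (presumably `sftp://x/`) so a reader does not point the SFTP plugin at an FTPS URL.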
diff --git a/docs/reference/plugins/validation/http/webdav.md b/docs/reference/plugins/validation/http/webdav.md
index a317635..94bfeaf 100644
--- a/docs/reference/plugins/validation/http/webdav.md
+++ b/docs/reference/plugins/validation/http/webdav.md
@@ -5,7 +5,7 @@ sidebar: reference
# SFTP
This plugin pushes the validation challenge to a WebDav path.
-{% include webconfig.md %}
+{% include validation-http-common.md %}
## Unattended
`--validation webdav --webroot ftps://x/ --username admin --password ******` \ No newline at end of file
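Review bot: the heading `# SFTP` is left over from sftp.md and should read `# WebDav`; likewise the Unattended example `--webroot ftps://x/` was copied from the FTP page, and a WebDAV path would be an http(s) URL. Both are unchanged context lines in this hunk, so they need a follow-up edit rather than a change to this one.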