Excellent resource! Thanks so very much. I would love to see a little more clarity on the recommended setup for the datasets, as well as setting permissions. I know that permissions in particular can be very troublesome and the addition of a short step-by-step for this aspect would make this guide even more incredible that it already is.
But it can use a little improvement. I'd like to see four things:
(1) more than just the Cloud Flare example. I used DuckDNS and had to figure things out (see below). Maybe juxtapose the relevant documentation w/ the implementation and give some guidance of how things may vary.
(2) I put everything in a jail and think this is good practice. Some discussion about using jails would be helpful. Even better, if you agree about the value of using a jail, would be revising the instructions to include use of a jail.
(3) Because current versions of FreeNAS (11.2+) use iocage, some discussion of appropriate iocage commands.
(4) Because current versions of FreeNAS do not include bash in a jail by default, examples or instructions using csh instead.
Here's what I did for DuckDNS:
Issuing the Certificate w/ DNS challenge:
Start a shell within the jail
setenv DuckDNS_Token "<token goes here>"
.acme.sh/acme.sh --insecure --issue --dns dns_duckdns -d <subdomain>.duckdns.org
Cron job to automate renewal:
FreeNAS > Tasks > Cron Jobs
Command = iocage exec acme /root/.acme.sh/acme.sh --cron
Run as user = root
Description & Schedule are left whatever you want.