forked from ungleich-public/cdist
Merge pull request #666 from darko-poljak/fix-letsencrypt-cert
Fix __letsencrypt_cert type: use object id as domain
This commit is contained in:
commit
a1a589ab59
5 changed files with 28 additions and 9 deletions
|
@ -15,7 +15,13 @@ case "${state}" in
|
||||||
echo remove >> "${__messages_out:?}"
|
echo remove >> "${__messages_out:?}"
|
||||||
;;
|
;;
|
||||||
present)
|
present)
|
||||||
requested_domains="${__object}/parameter/domain"
|
domain_param_file="${__object}/parameter/domain"
|
||||||
|
requested_domains=$(mktemp domain.cdist.XXXXXXXXXX)
|
||||||
|
if [ -f "${domain_param_file}" ]; then
|
||||||
|
cp "${domain_param_file}" "${requested_domains}"
|
||||||
|
else
|
||||||
|
echo "$__object_id" >> "${requested_domains}"
|
||||||
|
fi
|
||||||
|
|
||||||
staging=no
|
staging=no
|
||||||
if [ -f "${__object}/parameter/staging" ]; then
|
if [ -f "${__object}/parameter/staging" ]; then
|
||||||
|
|
|
@ -14,15 +14,13 @@ Automatically obtain a Let's Encrypt SSL certificate using Certbot.
|
||||||
REQUIRED PARAMETERS
|
REQUIRED PARAMETERS
|
||||||
-------------------
|
-------------------
|
||||||
|
|
||||||
|
object id
|
||||||
|
A cert name. If domain parameter is not specified then it is used
|
||||||
|
as a domain to be included in the certificate.
|
||||||
|
|
||||||
admin-email
|
admin-email
|
||||||
Where to send Let's Encrypt emails like "certificate needs renewal".
|
Where to send Let's Encrypt emails like "certificate needs renewal".
|
||||||
|
|
||||||
REQUIRED MULTIPLE PARAMETERS
|
|
||||||
----------------------------
|
|
||||||
|
|
||||||
domain
|
|
||||||
A domain to be included in the certificate.
|
|
||||||
|
|
||||||
OPTIONAL PARAMETERS
|
OPTIONAL PARAMETERS
|
||||||
-------------------
|
-------------------
|
||||||
|
|
||||||
|
@ -44,6 +42,10 @@ OPTIONAL MULTIPLE PARAMETERS
|
||||||
renew-hook
|
renew-hook
|
||||||
Renew hook command directly passed to Certbot in cron job.
|
Renew hook command directly passed to Certbot in cron job.
|
||||||
|
|
||||||
|
domain
|
||||||
|
Domains to be included in the certificate. When specified then object id
|
||||||
|
is not used as a domain.
|
||||||
|
|
||||||
BOOLEAN PARAMETERS
|
BOOLEAN PARAMETERS
|
||||||
------------------
|
------------------
|
||||||
|
|
||||||
|
@ -70,6 +72,17 @@ EXAMPLES
|
||||||
|
|
||||||
.. code-block:: sh
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# use object id as domain
|
||||||
|
__letsencrypt_cert example.com \
|
||||||
|
--admin-email root@example.com \
|
||||||
|
--automatic-renewal \
|
||||||
|
--renew-hook "service nginx reload" \
|
||||||
|
--webroot /data/letsencrypt/root
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
# domain parameter is specified so object id is not used as domain
|
||||||
|
# and example.com needs to be included again with domain parameter
|
||||||
__letsencrypt_cert example.com \
|
__letsencrypt_cert example.com \
|
||||||
--admin-email root@example.com \
|
--admin-email root@example.com \
|
||||||
--automatic-renewal \
|
--automatic-renewal \
|
||||||
|
@ -79,7 +92,6 @@ EXAMPLES
|
||||||
--renew-hook "service nginx reload" \
|
--renew-hook "service nginx reload" \
|
||||||
--webroot /data/letsencrypt/root
|
--webroot /data/letsencrypt/root
|
||||||
|
|
||||||
|
|
||||||
AUTHORS
|
AUTHORS
|
||||||
-------
|
-------
|
||||||
|
|
||||||
|
|
|
@ -1 +1,2 @@
|
||||||
|
domain
|
||||||
renew-hook
|
renew-hook
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
domain
|
|
|
@ -5,6 +5,7 @@ next:
|
||||||
* New type: __install_coreos (Ľubomír Kučera)
|
* New type: __install_coreos (Ľubomír Kučera)
|
||||||
* Type __consul_agent: Add LSB init header (Nico Schottelius)
|
* Type __consul_agent: Add LSB init header (Nico Schottelius)
|
||||||
* Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu)
|
* Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu)
|
||||||
|
* Type __letsencrypt_cert: Use object id as domain if domain param is not specified (Darko Poljak)
|
||||||
|
|
||||||
4.9.0: 2018-05-17
|
4.9.0: 2018-05-17
|
||||||
* Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera)
|
* Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera)
|
||||||
|
|
Loading…
Reference in a new issue