Merge pull request #666 from darko-poljak/fix-letsencrypt-cert

Fix __letsencrypt_cert type: use object id as domain
This commit is contained in:
Darko Poljak 2018-05-30 19:41:50 +02:00 committed by GitHub
commit a1a589ab59
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 28 additions and 9 deletions

View file

@ -15,7 +15,13 @@ case "${state}" in
echo remove >> "${__messages_out:?}"
;;
present)
requested_domains="${__object}/parameter/domain"
domain_param_file="${__object}/parameter/domain"
requested_domains=$(mktemp domain.cdist.XXXXXXXXXX)
if [ -f "${domain_param_file}" ]; then
cp "${domain_param_file}" "${requested_domains}"
else
echo "$__object_id" >> "${requested_domains}"
fi
staging=no
if [ -f "${__object}/parameter/staging" ]; then

View file

@ -14,15 +14,13 @@ Automatically obtain a Let's Encrypt SSL certificate using Certbot.
REQUIRED PARAMETERS
-------------------
object id
A cert name. If domain parameter is not specified then it is used
as a domain to be included in the certificate.
admin-email
Where to send Let's Encrypt emails like "certificate needs renewal".
REQUIRED MULTIPLE PARAMETERS
----------------------------
domain
A domain to be included in the certificate.
OPTIONAL PARAMETERS
-------------------
@ -44,6 +42,10 @@ OPTIONAL MULTIPLE PARAMETERS
renew-hook
Renew hook command directly passed to Certbot in cron job.
domain
Domains to be included in the certificate. When specified then object id
is not used as a domain.
BOOLEAN PARAMETERS
------------------
@ -70,6 +72,17 @@ EXAMPLES
.. code-block:: sh
# use object id as domain
__letsencrypt_cert example.com \
--admin-email root@example.com \
--automatic-renewal \
--renew-hook "service nginx reload" \
--webroot /data/letsencrypt/root
.. code-block:: sh
# domain parameter is specified so object id is not used as domain
# and example.com needs to be included again with domain parameter
__letsencrypt_cert example.com \
--admin-email root@example.com \
--automatic-renewal \
@ -79,7 +92,6 @@ EXAMPLES
--renew-hook "service nginx reload" \
--webroot /data/letsencrypt/root
AUTHORS
-------

View file

@ -1 +1,2 @@
domain
renew-hook

View file

@ -5,6 +5,7 @@ next:
* New type: __install_coreos (Ľubomír Kučera)
* Type __consul_agent: Add LSB init header (Nico Schottelius)
* Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu)
* Type __letsencrypt_cert: Use object id as domain if domain param is not specified (Darko Poljak)
4.9.0: 2018-05-17
* Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera)