Merge pull request #666 from darko-poljak/fix-letsencrypt-cert

Fix __letsencrypt_cert type: use object id as domain
This commit is contained in:
Darko Poljak 2018-05-30 19:41:50 +02:00 committed by GitHub
commit a1a589ab59
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 28 additions and 9 deletions

View file

@ -15,7 +15,13 @@ case "${state}" in
echo remove >> "${__messages_out:?}" echo remove >> "${__messages_out:?}"
;; ;;
present) present)
requested_domains="${__object}/parameter/domain" domain_param_file="${__object}/parameter/domain"
requested_domains=$(mktemp domain.cdist.XXXXXXXXXX)
if [ -f "${domain_param_file}" ]; then
cp "${domain_param_file}" "${requested_domains}"
else
echo "$__object_id" >> "${requested_domains}"
fi
staging=no staging=no
if [ -f "${__object}/parameter/staging" ]; then if [ -f "${__object}/parameter/staging" ]; then

View file

@ -14,15 +14,13 @@ Automatically obtain a Let's Encrypt SSL certificate using Certbot.
REQUIRED PARAMETERS REQUIRED PARAMETERS
------------------- -------------------
object id
A cert name. If domain parameter is not specified then it is used
as a domain to be included in the certificate.
admin-email admin-email
Where to send Let's Encrypt emails like "certificate needs renewal". Where to send Let's Encrypt emails like "certificate needs renewal".
REQUIRED MULTIPLE PARAMETERS
----------------------------
domain
A domain to be included in the certificate.
OPTIONAL PARAMETERS OPTIONAL PARAMETERS
------------------- -------------------
@ -44,6 +42,10 @@ OPTIONAL MULTIPLE PARAMETERS
renew-hook renew-hook
Renew hook command directly passed to Certbot in cron job. Renew hook command directly passed to Certbot in cron job.
domain
Domains to be included in the certificate. When specified then object id
is not used as a domain.
BOOLEAN PARAMETERS BOOLEAN PARAMETERS
------------------ ------------------
@ -70,6 +72,17 @@ EXAMPLES
.. code-block:: sh .. code-block:: sh
# use object id as domain
__letsencrypt_cert example.com \
--admin-email root@example.com \
--automatic-renewal \
--renew-hook "service nginx reload" \
--webroot /data/letsencrypt/root
.. code-block:: sh
# domain parameter is specified so object id is not used as domain
# and example.com needs to be included again with domain parameter
__letsencrypt_cert example.com \ __letsencrypt_cert example.com \
--admin-email root@example.com \ --admin-email root@example.com \
--automatic-renewal \ --automatic-renewal \
@ -79,7 +92,6 @@ EXAMPLES
--renew-hook "service nginx reload" \ --renew-hook "service nginx reload" \
--webroot /data/letsencrypt/root --webroot /data/letsencrypt/root
AUTHORS AUTHORS
------- -------

View file

@ -1 +1,2 @@
domain
renew-hook renew-hook

View file

@ -5,6 +5,7 @@ next:
* New type: __install_coreos (Ľubomír Kučera) * New type: __install_coreos (Ľubomír Kučera)
* Type __consul_agent: Add LSB init header (Nico Schottelius) * Type __consul_agent: Add LSB init header (Nico Schottelius)
* Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu) * Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu)
* Type __letsencrypt_cert: Use object id as domain if domain param is not specified (Darko Poljak)
4.9.0: 2018-05-17 4.9.0: 2018-05-17
* Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera) * Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera)