From efebe153868e0fd6a51a89387097dc847a7ae14e Mon Sep 17 00:00:00 2001 From: Darko Poljak Date: Sun, 27 May 2018 15:32:44 +0200 Subject: [PATCH] Fix __letsencrypt_cert type: use object id as domain if domain param is not specified --- .../type/__letsencrypt_cert/gencode-remote | 8 +++++- cdist/conf/type/__letsencrypt_cert/man.rst | 26 ++++++++++++++----- .../parameter/optional_multiple | 1 + .../parameter/required_multiple | 1 - docs/changelog | 1 + 5 files changed, 28 insertions(+), 9 deletions(-) delete mode 100644 cdist/conf/type/__letsencrypt_cert/parameter/required_multiple diff --git a/cdist/conf/type/__letsencrypt_cert/gencode-remote b/cdist/conf/type/__letsencrypt_cert/gencode-remote index 4bd05eff..788da74c 100755 --- a/cdist/conf/type/__letsencrypt_cert/gencode-remote +++ b/cdist/conf/type/__letsencrypt_cert/gencode-remote @@ -15,7 +15,13 @@ case "${state}" in echo remove >> "${__messages_out:?}" ;; present) - requested_domains="${__object}/parameter/domain" + domain_param_file="${__object}/parameter/domain" + requested_domains=$(mktemp domain.cdist.XXXXXXXXXX) + if [ -f "${domain_param_file}" ]; then + cp "${domain_param_file}" "${requested_domains}" + else + echo "$__object_id" >> "${requested_domains}" + fi staging=no if [ -f "${__object}/parameter/staging" ]; then diff --git a/cdist/conf/type/__letsencrypt_cert/man.rst b/cdist/conf/type/__letsencrypt_cert/man.rst index 16b23fea..c4ffc6bc 100644 --- a/cdist/conf/type/__letsencrypt_cert/man.rst +++ b/cdist/conf/type/__letsencrypt_cert/man.rst @@ -14,15 +14,13 @@ Automatically obtain a Let's Encrypt SSL certificate using Certbot. REQUIRED PARAMETERS ------------------- +object id + A cert name. If domain parameter is not specified then it is used + as a domain to be included in the certificate. + admin-email Where to send Let's Encrypt emails like "certificate needs renewal". -REQUIRED MULTIPLE PARAMETERS ----------------------------- - -domain - A domain to be included in the certificate. - OPTIONAL PARAMETERS ------------------- @@ -44,6 +42,10 @@ OPTIONAL MULTIPLE PARAMETERS renew-hook Renew hook command directly passed to Certbot in cron job. +domain + Domains to be included in the certificate. When specified then object id + is not used as a domain. + BOOLEAN PARAMETERS ------------------ @@ -70,6 +72,17 @@ EXAMPLES .. code-block:: sh + # use object id as domain + __letsencrypt_cert example.com \ + --admin-email root@example.com \ + --automatic-renewal \ + --renew-hook "service nginx reload" \ + --webroot /data/letsencrypt/root + +.. code-block:: sh + + # domain parameter is specified so object id is not used as domain + # and example.com needs to be included again with domain parameter __letsencrypt_cert example.com \ --admin-email root@example.com \ --automatic-renewal \ @@ -79,7 +92,6 @@ EXAMPLES --renew-hook "service nginx reload" \ --webroot /data/letsencrypt/root - AUTHORS ------- diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple index 3384c74f..0e866d45 100644 --- a/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple +++ b/cdist/conf/type/__letsencrypt_cert/parameter/optional_multiple @@ -1 +1,2 @@ +domain renew-hook diff --git a/cdist/conf/type/__letsencrypt_cert/parameter/required_multiple b/cdist/conf/type/__letsencrypt_cert/parameter/required_multiple deleted file mode 100644 index d23ab7ab..00000000 --- a/cdist/conf/type/__letsencrypt_cert/parameter/required_multiple +++ /dev/null @@ -1 +0,0 @@ -domain diff --git a/docs/changelog b/docs/changelog index 99d9bb81..250baae5 100644 --- a/docs/changelog +++ b/docs/changelog @@ -5,6 +5,7 @@ next: * New type: __install_coreos (Ľubomír Kučera) * Type __consul_agent: Add LSB init header (Nico Schottelius) * Type __package_yum: Fix explorer when name contains package name with exact version specified (Aleksandr Dinu) + * Type __letsencrypt_cert: Use object id as domain if domain param is not specified (Darko Poljak) 4.9.0: 2018-05-17 * Type __docker_stack: Use --with-registry-auth option (Ľubomír Kučera)