forked from evolix/ansible-roles
evoacme: upstream release 20.06
This commit is contained in:
parent
291ad2ba40
commit
6d31568a41
|
@ -22,6 +22,7 @@ The **patch** part changes incrementally at each release.
|
|||
* redis: create sudoers file if missing
|
||||
* redis: new syntax for match filter
|
||||
* redis: raise an error is port 6379 is used in "instance" mode
|
||||
* evoacme: upstream release 20.06
|
||||
|
||||
### Fixed
|
||||
|
||||
|
|
|
@ -118,21 +118,21 @@ main() {
|
|||
[ "$1" = "-V" ] || [ "$1" = "--version" ] && show_version && exit 0
|
||||
|
||||
mkdir -p "${ACME_DIR}"
|
||||
chown acme: "${ACME_DIR}"
|
||||
chown root: "${ACME_DIR}"
|
||||
[ -w "${ACME_DIR}" ] || error "Directory ${ACME_DIR} is not writable"
|
||||
|
||||
[ -d "${CSR_DIR}" ] || error "Directory ${CSR_DIR} is not found"
|
||||
|
||||
mkdir -p "${CRT_DIR}"
|
||||
chown acme: "${CRT_DIR}"
|
||||
chown root: "${CRT_DIR}"
|
||||
[ -w "${CRT_DIR}" ] || error "Directory ${CRT_DIR} is not writable"
|
||||
|
||||
mkdir -p "${LOG_DIR}"
|
||||
chown acme: "${LOG_DIR}"
|
||||
chown root: "${LOG_DIR}"
|
||||
[ -w "${LOG_DIR}" ] || error "Directory ${LOG_DIR} is not writable"
|
||||
|
||||
mkdir -p "${HOOKS_DIR}"
|
||||
chown acme: "${HOOKS_DIR}"
|
||||
chown root: "${HOOKS_DIR}"
|
||||
[ -d "${HOOKS_DIR}" ] || error "Directory ${HOOKS_DIR} is not found"
|
||||
|
||||
readonly VHOST=$(basename "$1" .conf)
|
||||
|
@ -195,7 +195,7 @@ main() {
|
|||
|
||||
[ -d "${NEW_DIR}" ] && error "${NEW_DIR} directory already exists, remove it manually."
|
||||
mkdir -p "${NEW_DIR}"
|
||||
chown -R acme: "${CRT_DIR}"
|
||||
chown -R root: "${CRT_DIR}"
|
||||
chmod -R 0700 "${CRT_DIR}"
|
||||
chmod -R g+rX "${CRT_DIR}"
|
||||
debug "New cert will be created in ${NEW_DIR}"
|
||||
|
@ -218,15 +218,14 @@ main() {
|
|||
CERTBOT_REGISTRATION="${CERTBOT_REGISTRATION} --register-unsafely-without-email"
|
||||
fi
|
||||
|
||||
# Permissions checks for acme user
|
||||
sudo -u acme test -r "${CSR_FILE}" || error "File ${CSR_FILE} is not readable by user 'acme'"
|
||||
sudo -u acme test -w "${NEW_DIR}" || error "Directory ${NEW_DIR} is not writable by user 'acme'"
|
||||
# Permissions checks
|
||||
test -r "${CSR_FILE}" || error "File ${CSR_FILE} is not readable"
|
||||
test -w "${NEW_DIR}" || error "Directory ${NEW_DIR} is not writable"
|
||||
|
||||
# create a certificate with certbot
|
||||
# we disable the set -e during the certbot call
|
||||
set +e
|
||||
sudo -u acme \
|
||||
"${CERTBOT_BIN}" \
|
||||
"${CERTBOT_BIN}" \
|
||||
certonly \
|
||||
${CERTBOT_MODE} \
|
||||
${CERTBOT_REGISTRATION} \
|
||||
|
@ -304,7 +303,7 @@ readonly QUIET=${QUIET:-"0"}
|
|||
readonly TEST=${TEST:-"0"}
|
||||
readonly DRY_RUN=${DRY_RUN:-"0"}
|
||||
|
||||
readonly VERSION="19.11"
|
||||
readonly VERSION="20.06"
|
||||
|
||||
# Read configuration file, if it exists
|
||||
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
||||
|
|
|
@ -265,7 +265,7 @@ readonly ARGS=$@
|
|||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
readonly VERSION="19.11"
|
||||
readonly VERSION="20.06"
|
||||
|
||||
# Read configuration file, if it exists
|
||||
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
||||
|
|
|
@ -170,7 +170,7 @@ readonly ARGS=$@
|
|||
readonly VERBOSE=${VERBOSE:-"0"}
|
||||
readonly QUIET=${QUIET:-"0"}
|
||||
|
||||
readonly VERSION="19.11"
|
||||
readonly VERSION="20.06"
|
||||
|
||||
readonly SRV_IP=${SRV_IP:-""}
|
||||
|
||||
|
|
Loading…
Reference in a new issue