Jérémy Lecour
aa28e9c1b8
change repositories URL
2019-03-21 15:31:58 +01:00
Eric Morino
db71907155
Remove chown root: /etc/ssl/private in make-csr.sh
2019-03-19 16:13:17 +01:00
Jérémy Lecour
8279092037
evoacme: add a renewal hook to commit changes in /etc/.git
2019-03-07 00:19:43 +01:00
Victor LABORIE
6469733d2f
evoacme: fix error handling in sed_cert_path_for_(apache|nginx)
2018-11-22 15:06:23 +01:00
Benoît S.
88b66dca24
Evoacme: Better usage of apache2ctl -t
...
By default apache2ctl is using stderr, even for displaying "Syntax OK".
So, we redirect it in stdout and remove "Syntax OK". Then we check the exit code.
2018-10-03 15:16:28 +02:00
Benoît S.
758a537a8d
For SANs certificates, also add a CN for the first domain
2018-07-12 11:12:29 +02:00
Benoît S.
de63c0747f
Support for SAN in self-signed certificates
2018-07-10 17:46:41 +02:00
Benoît S.
17159676d9
Add exit 0 after the command -v commands.
...
Otherwise it would exit 1 on nginx if you have not nginx installed.
2018-07-10 17:09:20 +02:00
Jérémy Lecour
77b5f84567
evoacme: disable old certbot cron also in cron.daily
2018-06-21 17:22:40 +02:00
Victor LABORIE
9f34db8f9a
evoacme: fix module detection in apache config
2018-06-20 11:07:23 +02:00
Jérémy Lecour
ce11c39ce4
evoacme: add a symlink for vhosts with old path
2018-03-30 18:45:26 +02:00
Jérémy Lecour
7385e2894e
evoacme: fix version comparison for evoacme
2018-03-30 18:43:03 +02:00
Benoît S.
a4a3569630
Show the certificate path when exiting with an error
2018-03-06 10:34:55 +01:00
Benoît S.
cdaad871b3
Be sure to check the exit code of certbot
...
If we use set -e but no -o pipefail with a pipe, the last command exit code is
used by set -e.
certbot | grep -v something
If the grep exit with a non-zero exit code, set -e stop the execution of the
script. We don't care about that grep, so we now use the PIPESTATUS.
2018-03-05 14:46:49 +01:00
Gregory Colpart
fb6cb79b41
Keep read right on group for software with non-root access like OpenLDAP
2018-01-28 17:13:23 +01:00
Jérémy Lecour
19b2da5b92
evoacme: exclude typical certbot directories
2018-01-22 18:27:37 +01:00
Jérémy Lecour
8f88a48e15
evoacme cron task : improve readability
...
* use long form options
* break line before pipe
2018-01-03 10:12:14 +01:00
Benoît S.
edf7bceee6
Add -r to xargs arguments
...
Why? Because if there is no certificates in /etc/letsencrypt it will call
evoacme with no args, resulting in an error.
2018-01-03 10:00:22 +01:00
Jérémy Lecour
37f701eb54
evoacme: typos
2017-12-08 10:22:32 +01:00
Jérémy Lecour
5980593470
evoacme: move nginx acme challenge conf
2017-12-08 09:46:16 +01:00
Jérémy Lecour
2ac7b60a39
evoacme: better documentation
2017-11-25 14:17:36 +01:00
Jérémy Lecour
708428d088
evoacme: store Nginx letsencrypt config file in snippets
2017-11-25 14:17:36 +01:00
Jérémy Lecour
375c3e6760
evoacme: crontab management
...
* simply rename certbot script to disable it
* use "evoacme" as file name for our custom cron script
2017-11-25 14:17:36 +01:00
Jérémy Lecour
7fee69ca22
evoacme: remove $()
2017-11-21 16:17:21 +01:00
Bruno TATU
ad9a15827f
evoacme: invert conditions in sed_cert_path_XXX()
2017-11-21 14:45:50 +01:00
Bruno TATU
9519e226e9
evoacme: remove double caret in sed pattern
2017-11-21 14:44:36 +01:00
Ludovic Poujol
49d3118976
evoacme: Fix nginx on deb9 for LE challenge
2017-11-16 16:00:27 +01:00
Jérémy Lecour
5c6c92ab69
evoacme: install hooks in a loop
2017-11-15 11:40:42 +01:00
Victor LABORIE
ce3b5b7cbd
evoacme: use xargs instead of while
2017-11-14 17:19:15 +01:00
Victor LABORIE
b801bdb576
evoacme: use -printf instead of -exec basename
2017-11-14 17:01:51 +01:00
Victor LABORIE
1c48df025c
Move /usr rw remount into remount-usr role
2017-11-07 13:34:05 +01:00
Victor LABORIE
0ef627e4bd
evoacme: add dovecot hook
2017-11-06 11:04:26 +01:00
Victor LABORIE
b0df53a6ee
evoacme: add postix hook
2017-11-06 11:04:13 +01:00
Jérémy Lecour
2aa26e2d68
copy vhosts-domains script
2017-10-24 17:39:49 +02:00
Jérémy Lecour
608b0a5bbc
evoacme: fix hooks tasks
2017-10-24 17:39:32 +02:00
Jérémy Lecour
330d500de6
evoacme: fix hooks execution
...
Disable regex for grep with "-F"
2017-10-24 17:38:59 +02:00
Jérémy Lecour
56e5cfc06d
evoacme: directories must be owned by "acme"
2017-10-24 17:38:05 +02:00
Jérémy Lecour
131eac4499
Fix: return if file is not readable
2017-10-24 17:37:46 +02:00
Jérémy Lecour
0e5396faa7
change from CRON to QUIET
2017-10-24 17:37:15 +02:00
Jérémy Lecour
8567160596
evoacme: don't execute hooks with dots in file name
2017-10-20 10:15:12 +02:00
Jérémy Lecour
0ed1ca1356
evoacme: install hooks
2017-10-20 10:14:46 +02:00
Jérémy Lecour
1b50dfb0b3
evoacme: inline hooks calls + export variables
2017-10-19 23:23:51 +02:00
Jérémy Lecour
3d3e45faef
evoacme: use local variable
2017-10-19 23:18:11 +02:00
Jérémy Lecour
4d6853f844
evoacme: use hooks after certificate creation
2017-10-19 22:21:18 +02:00
Jérémy Lecour
1fa4ccc338
make-csr: create important directories
2017-10-19 11:08:35 +02:00
Jérémy Lecour
d2f86f7950
evoacme: check for arguments first
2017-10-19 11:08:16 +02:00
Jérémy Lecour
37cd22a466
evoacme: remove useless variables
2017-10-19 11:08:01 +02:00
Jérémy Lecour
266ac7fc07
evoacme: create important directories
2017-10-19 11:07:45 +02:00
Jérémy Lecour
e47371f347
Use bash, for proper readonly/local support
...
"readonly" is a safety bonus, but "local" is really important
not to overwrite variables from functions.
2017-10-19 11:05:54 +02:00
Jérémy Lecour
4d3ed7ed97
evoacme: remove a debug statement
2017-10-19 07:59:55 +02:00