Compare commits
15 commits
Author | SHA1 | Date | |
---|---|---|---|
Jérémy Lecour | 692b50ebf9 | ||
Jérémy Lecour | 630da81b9e | ||
c3ebb21cd3 | |||
Jérémy Lecour | 9002c87ee7 | ||
Jérémy Lecour | 3da0006927 | ||
Jérémy Lecour | d169061c81 | ||
Jérémy Lecour | b52d983754 | ||
Jérémy Lecour | 86e64187cc | ||
Jérémy Lecour | 7b8896d3e8 | ||
Ludovic Poujol | ab10877ccc | ||
Jérémy Lecour | be1aaa36ca | ||
Jérémy Lecour | 9fe4dc24b9 | ||
Jérémy Lecour | 81e7548c73 | ||
Jérémy Lecour | 1fb604802b | ||
Jérémy Lecour | 4d46d4ffe0 |
43
CHANGELOG.md
43
CHANGELOG.md
|
@ -11,16 +11,55 @@ This project does not follow semantic versioning.
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
* remove usage of "acme" user, root does all the work
|
|
||||||
|
|
||||||
### Deprecated
|
### Deprecated
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
|
## [21.01] - 2021-01-07
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* Do not upgrade certbot when executing the command
|
||||||
|
|
||||||
|
## [20.12] - 2020-12-01
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
* pass the proper value to RENEWED_LINEAGE environment variable
|
||||||
|
|
||||||
|
## [20.11] - 2020-11-19
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
* emulate certbot hooks environment variables
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
* exclude only hooks with .disable to execute hooks with .sh
|
||||||
|
* don't stop global execution when hooks return errors
|
||||||
|
|
||||||
|
## [20.08] - 2020-08-21
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
* evoacme: use Let's Encrypt deploy hooks by default
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
## [20.06.1] - 2020-06-05
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
* fixed a bad logic for arguments parsing
|
||||||
|
|
||||||
|
## [20.06] - 2020-06-03
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
|
||||||
|
* remove usage of "acme" user, root does all the work
|
||||||
|
|
||||||
## [19.11] - 2019-11-05
|
## [19.11] - 2019-11-05
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
18
evoacme.sh
18
evoacme.sh
|
@ -14,7 +14,7 @@ show_version() {
|
||||||
cat <<END
|
cat <<END
|
||||||
evoacme version ${VERSION}
|
evoacme version ${VERSION}
|
||||||
|
|
||||||
Copyright 2009-2019 Evolix <info@evolix.fr>,
|
Copyright 2009-2021 Evolix <info@evolix.fr>,
|
||||||
Victor Laborie <vlaborie@evolix.fr>,
|
Victor Laborie <vlaborie@evolix.fr>,
|
||||||
Jérémy Lecour <jlecour@evolix.fr>,
|
Jérémy Lecour <jlecour@evolix.fr>,
|
||||||
Benoit Série <bserie@evolix.fr>
|
Benoit Série <bserie@evolix.fr>
|
||||||
|
@ -208,6 +208,7 @@ main() {
|
||||||
[ "${TEST}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --test-cert"
|
[ "${TEST}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --test-cert"
|
||||||
[ "${QUIET}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --quiet"
|
[ "${QUIET}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --quiet"
|
||||||
[ "${DRY_RUN}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --dry-run"
|
[ "${DRY_RUN}" = "1" ] && CERTBOT_MODE="${CERTBOT_MODE} --dry-run"
|
||||||
|
[ "${CERTBOT_SELF_UPGRADE}" = "0" ] && CERTBOT_MODE="${CERTBOT_MODE} --no-self-upgrade"
|
||||||
|
|
||||||
local CERTBOT_REGISTRATION="--agree-tos"
|
local CERTBOT_REGISTRATION="--agree-tos"
|
||||||
if [ -n "${SSL_EMAIL}" ]; then
|
if [ -n "${SSL_EMAIL}" ]; then
|
||||||
|
@ -284,13 +285,19 @@ main() {
|
||||||
export EVOACME_CHAIN="${LIVE_CHAIN}"
|
export EVOACME_CHAIN="${LIVE_CHAIN}"
|
||||||
export EVOACME_FULLCHAIN="${LIVE_FULLCHAIN}"
|
export EVOACME_FULLCHAIN="${LIVE_FULLCHAIN}"
|
||||||
|
|
||||||
|
# emulate certbot hooks environment variables
|
||||||
|
export RENEWED_LINEAGE="${LIVE_DIR}"
|
||||||
|
export RENEWED_DOMAINS="${VHOST}"
|
||||||
|
|
||||||
# search for files in hooks directory
|
# search for files in hooks directory
|
||||||
for hook in $(find ${HOOKS_DIR} -type f); do
|
for hook in $(find ${HOOKS_DIR} -type f -executable | sort); do
|
||||||
|
set +e
|
||||||
# keep only executables files, not containing a "."
|
# keep only executables files, not containing a "."
|
||||||
if [ -x "${hook}" ] && (basename "${hook}" | grep -vqF "."); then
|
if [ -x "${hook}" ] && (basename "${hook}" | grep -vqF ".disable"); then
|
||||||
debug "Executing ${hook}"
|
debug "Executing ${hook}"
|
||||||
${hook}
|
${hook}
|
||||||
fi
|
fi
|
||||||
|
set -e
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -303,7 +310,7 @@ readonly QUIET=${QUIET:-"0"}
|
||||||
readonly TEST=${TEST:-"0"}
|
readonly TEST=${TEST:-"0"}
|
||||||
readonly DRY_RUN=${DRY_RUN:-"0"}
|
readonly DRY_RUN=${DRY_RUN:-"0"}
|
||||||
|
|
||||||
readonly VERSION="19.11"
|
readonly VERSION="21.01"
|
||||||
|
|
||||||
# Read configuration file, if it exists
|
# Read configuration file, if it exists
|
||||||
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
||||||
|
@ -314,8 +321,9 @@ readonly ACME_DIR=${ACME_DIR:-"/var/lib/letsencrypt"}
|
||||||
readonly CSR_DIR=${CSR_DIR:-"/etc/ssl/requests"}
|
readonly CSR_DIR=${CSR_DIR:-"/etc/ssl/requests"}
|
||||||
readonly CRT_DIR=${CRT_DIR:-"/etc/letsencrypt"}
|
readonly CRT_DIR=${CRT_DIR:-"/etc/letsencrypt"}
|
||||||
readonly LOG_DIR=${LOG_DIR:-"/var/log/evoacme"}
|
readonly LOG_DIR=${LOG_DIR:-"/var/log/evoacme"}
|
||||||
readonly HOOKS_DIR=${HOOKS_DIR:-"${CRT_DIR}/hooks"}
|
readonly HOOKS_DIR=${HOOKS_DIR:-"${CRT_DIR}/renewal-hooks/deploy"}
|
||||||
readonly SSL_MINDAY=${SSL_MINDAY:-"30"}
|
readonly SSL_MINDAY=${SSL_MINDAY:-"30"}
|
||||||
readonly SSL_EMAIL=${SSL_EMAIL:-""}
|
readonly SSL_EMAIL=${SSL_EMAIL:-""}
|
||||||
|
readonly CERTBOT_SELF_UPGRADE=${CERTBOT_SELF_UPGRADE:-"0"}
|
||||||
|
|
||||||
main ${ARGS}
|
main ${ARGS}
|
||||||
|
|
|
@ -13,7 +13,7 @@ show_version() {
|
||||||
cat <<END
|
cat <<END
|
||||||
make-csr version ${VERSION}
|
make-csr version ${VERSION}
|
||||||
|
|
||||||
Copyright 2009-2019 Evolix <info@evolix.fr>,
|
Copyright 2009-2021 Evolix <info@evolix.fr>,
|
||||||
Victor Laborie <vlaborie@evolix.fr>,
|
Victor Laborie <vlaborie@evolix.fr>,
|
||||||
Jérémy Lecour <jlecour@evolix.fr>,
|
Jérémy Lecour <jlecour@evolix.fr>,
|
||||||
Benoit Série <bserie@evolix.fr>
|
Benoit Série <bserie@evolix.fr>
|
||||||
|
@ -204,8 +204,8 @@ main() {
|
||||||
[ "$1" = "-V" ] || [ "$1" = "--version" ] && show_version && exit 0
|
[ "$1" = "-V" ] || [ "$1" = "--version" ] && show_version && exit 0
|
||||||
|
|
||||||
if [ -t 0 ]; then
|
if [ -t 0 ]; then
|
||||||
# We have STDIN, so we should have 2 arguments
|
# We have STDIN, so we should at least 2 arguments
|
||||||
[ "$#" -eq 2 ] || error "invalid argument(s)"
|
[ "$#" -ge 2 ] || error "invalid argument(s)"
|
||||||
|
|
||||||
# read VHOST from first argument
|
# read VHOST from first argument
|
||||||
VHOST="$1"
|
VHOST="$1"
|
||||||
|
@ -265,7 +265,7 @@ readonly ARGS=$@
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
readonly QUIET=${QUIET:-"0"}
|
readonly QUIET=${QUIET:-"0"}
|
||||||
|
|
||||||
readonly VERSION="19.11"
|
readonly VERSION="21.01"
|
||||||
|
|
||||||
# Read configuration file, if it exists
|
# Read configuration file, if it exists
|
||||||
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
[ -r /etc/default/evoacme ] && . /etc/default/evoacme
|
||||||
|
|
|
@ -13,7 +13,7 @@ show_version() {
|
||||||
cat <<END
|
cat <<END
|
||||||
vhost-domains version ${VERSION}
|
vhost-domains version ${VERSION}
|
||||||
|
|
||||||
Copyright 2009-2019 Evolix <info@evolix.fr>,
|
Copyright 2009-2021 Evolix <info@evolix.fr>,
|
||||||
Victor Laborie <vlaborie@evolix.fr>,
|
Victor Laborie <vlaborie@evolix.fr>,
|
||||||
Jérémy Lecour <jlecour@evolix.fr>,
|
Jérémy Lecour <jlecour@evolix.fr>,
|
||||||
Benoit Série <bserie@evolix.fr>
|
Benoit Série <bserie@evolix.fr>
|
||||||
|
@ -170,7 +170,7 @@ readonly ARGS=$@
|
||||||
readonly VERBOSE=${VERBOSE:-"0"}
|
readonly VERBOSE=${VERBOSE:-"0"}
|
||||||
readonly QUIET=${QUIET:-"0"}
|
readonly QUIET=${QUIET:-"0"}
|
||||||
|
|
||||||
readonly VERSION="19.11"
|
readonly VERSION="21.01"
|
||||||
|
|
||||||
readonly SRV_IP=${SRV_IP:-""}
|
readonly SRV_IP=${SRV_IP:-""}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue