Ревізії gist:4cc1e9ca87c0495397c7e51f647bd408

Jan Wagner ревизій цього gist 4 years ago. До ревизії

1 file changed, 1 insertion, 1 deletion

deploy_dehydrated.sh

			@@ -11,7 +11,7 @@ if [ "$(lsb_release -cs)" = "jessie" ]; then
11	11		fi
12	12		PACKAGES="dehydrated dehydrated-apache2"
13	13
14		-	apt-get install ${BPO} ${PACKAGES}
	14	+	apt-get install -y ${BPO} ${PACKAGES}
15	15
16	16		if [ ! -x ${CRON} ]; then
17	17		cat > ${CRON} <<EOF

Jan Wagner ревизій цього gist 5 years ago. До ревизії

1 file changed, 1 insertion, 6 deletions

README.md

			@@ -22,12 +22,7 @@ If you are hit by [Provided agreement URL ... does not match current agreement U
22	22
23	23		## Linking certs and keys into usual places:
24	24		```
25		-	for CERT in $(awk {'print $1'} /etc/dehydrated/domains.txt); do\
26		-	[ -f /var/lib/dehydrated/certs/${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/${CERT}.key ] && \
27		-	ln -s /var/lib/dehydrated/certs/${CERT}/privkey.pem /etc/ssl/private/${CERT}.key;\
28		-	[ -f /var/lib/dehydrated/certs/${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/${CERT}.pem ] && \
29		-	ln -s /var/lib/dehydrated/certs/${CERT}/fullchain.pem /etc/ssl/certs/${CERT}.pem;\
30		-	done
	25	+	/usr/local/sbin/dehydrated_create_links
31	26		```
32	27
33	28		For distributed setups you might want to have a look into [Using redirects](https://nekudo.com/blog/letsencrypt-in-a-multiserver-environment) or [Use and automate letsencrypt certificates (ACME) in an high-availability environment](https://chr4.org/blog/2016/11/14/use-letsencrypt-acme-in-an-high-availability-environment/).

Jan Wagner ревизій цього gist 5 years ago. До ревизії

1 file changed, 1 insertion, 1 deletion

deploy_dehydrated.sh

			@@ -23,7 +23,7 @@ fi
23	23
24	24		cat > ${LINKSCRIPT} << EOF
25	25		#!/bin/bash
26		-	for CERT in \$(awk {'print $1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/\${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
	26	+	for CERT in \$(awk {'print \$1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/\${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
27	27		EOF
28	28		chmod +x ${LINKSCRIPT}
29	29

Jan Wagner ревизій цього gist 5 years ago. До ревизії

1 file changed, 1 insertion, 1 deletion

deploy_dehydrated.sh

			@@ -23,7 +23,7 @@ fi
23	23
24	24		cat > ${LINKSCRIPT} << EOF
25	25		#!/bin/bash
26		-	for CERT in \$(awk {'print $1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/£${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
	26	+	for CERT in \$(awk {'print $1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/\${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
27	27		EOF
28	28		chmod +x ${LINKSCRIPT}
29	29

Jan Wagner ревизій цього gist 5 years ago. До ревизії

1 file changed, 3 insertions, 2 deletions

deploy_dehydrated.sh

			@@ -3,6 +3,7 @@ CRON="/etc/cron.daily/dehydrated_autorenew"
3	3		CONFIGURL="https://gist.githubusercontent.com/waja/8df78afb09691e4f383d818685f48885/raw/local.sh"
4	4		CONFIGNAME="$(basename ${CONFIGURL})"
5	5		CONFIGPATH="/etc/dehydrated/conf.d/"
	6	+	LINKSCRIPT="/usr/local/sbin/dehydrated_create_links"
6	7		HOOKNAME="hook.sh"
7	8		HOOKPATH="/etc/dehydrated/"
8	9		if [ "$(lsb_release -cs)" = "jessie" ]; then
			@@ -20,11 +21,11 @@ EOF
20	21		chmod +x ${CRON}
21	22		fi
22	23
23		-	cat > /usr/local/sbin/dehydrated_create_links << EOF
	24	+	cat > ${LINKSCRIPT} << EOF
24	25		#!/bin/bash
25	26		for CERT in \$(awk {'print $1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/£${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
26	27		EOF
27		-	chmod +x /usr/local/sbin/dehydrated_create_links
	28	+	chmod +x ${LINKSCRIPT}
28	29
29	30		# Fix #941414 (for now)
30	31		sed -i "s/grep Replay-Nonce:/grep -i ^Replay-Nonce:/" /usr/bin/dehydrated

Jan Wagner ревизій цього gist 5 years ago. До ревизії

1 file changed, 6 insertions

deploy_dehydrated.sh

			@@ -20,6 +20,12 @@ EOF
20	20		chmod +x ${CRON}
21	21		fi
22	22
	23	+	cat > /usr/local/sbin/dehydrated_create_links << EOF
	24	+	#!/bin/bash
	25	+	for CERT in \$(awk {'print $1'} /etc/dehydrated/domains.txt); do [ -f /var/lib/dehydrated/certs/£${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/\${CERT}.key ] && ln -s /var/lib/dehydrated/certs/\${CERT}/privkey.pem /etc/ssl/private/\${CERT}.key; [ -f /var/lib/dehydrated/certs/\${CERT}/fullchain.pem ] && ! [ -L /etc/ssl/certs/\${CERT}.pem ] && ln -s /var/lib/dehydrated/certs/\${CERT}/fullchain.pem /etc/ssl/certs/\${CERT}.pem;done
	26	+	EOF
	27	+	chmod +x /usr/local/sbin/dehydrated_create_links
	28	+
23	29		# Fix #941414 (for now)
24	30		sed -i "s/grep Replay-Nonce:/grep -i ^Replay-Nonce:/" /usr/bin/dehydrated
25	31

Jan Wagner ревизій цього gist 6 years ago. До ревизії

1 file changed, 3 insertions

deploy_dehydrated.sh

			@@ -20,6 +20,9 @@ EOF
20	20		chmod +x ${CRON}
21	21		fi
22	22
	23	+	# Fix #941414 (for now)
	24	+	sed -i "s/grep Replay-Nonce:/grep -i ^Replay-Nonce:/" /usr/bin/dehydrated
	25	+
23	26		[ -f ${CONFIGPATH}/${CONFIGNAME} ] \|\| wget ${CONFIGURL} -O ${CONFIGPATH}/${CONFIGNAME}
24	27
25	28		sed -i "s/^CONTACT_EMAIL=*/CONTACT_EMAIL=${1}/" ${CONFIGPATH}/${CONFIGNAME}

Jan Wagner ревизій цього gist 6 years ago. До ревизії

1 file changed, 2 insertions, 2 deletions

README.md

			@@ -1,4 +1,4 @@
1		-	Deploying [dehydrated](http://dehydrated.de) for apache2 on Debian Jessie:
	1	+	## Deploying [dehydrated](http://dehydrated.de) for apache2 on Debian Jessie:
2	2
3	3		```
4	4		wget https://gist.githubusercontent.com/waja/8df78afb09691e4f383d818685f48885/raw/deploy_dehydrated.sh \
			@@ -20,7 +20,7 @@ If you are hit by [Provided agreement URL ... does not match current agreement U
20	20		/usr/bin/dehydrated -c --accept-terms && /etc/cron.daily/dehydrated_autorenew
21	21		```
22	22
23		-	Linking certs and keys into usual places:
	23	+	## Linking certs and keys into usual places:
24	24		```
25	25		for CERT in $(awk {'print $1'} /etc/dehydrated/domains.txt); do\
26	26		[ -f /var/lib/dehydrated/certs/${CERT}/privkey.pem ] && ! [ -L /etc/ssl/private/${CERT}.key ] && \

waja ревизій цього gist 7 years ago. До ревизії

1 file changed, 1 insertion, 1 deletion

deploy_dehydrated.sh

			@@ -15,7 +15,7 @@ apt-get install ${BPO} ${PACKAGES}
15	15		if [ ! -x ${CRON} ]; then
16	16		cat > ${CRON} <<EOF
17	17		#!/bin/bash
18		-	test -x /usr/bin/dehydrated && /usr/bin/dehydrated -c \| grep -v -E "(^#\|^Processing\|Skipping renew\|unchanged\|Checking expire date of existing cert\|Certificate will not expire\|^$)"; exit 0
	18	+	test -x /usr/bin/dehydrated && /usr/bin/dehydrated -c -g \| grep -v -E "(^#\|^Processing\|Skipping renew\|unchanged\|Checking expire date of existing cert\|Certificate will not expire\|^$)"; exit 0
19	19		EOF
20	20		chmod +x ${CRON}
21	21		fi

Jan Wagner ревизій цього gist 8 years ago. До ревизії

1 file changed, 7 insertions, 1 deletion

README.md

			@@ -14,6 +14,12 @@ Running the cronjob for initial request of certs:
14	14		/etc/cron.daily/dehydrated_autorenew
15	15		```
16	16
	17	+	If you are hit by [Provided agreement URL ... does not match current agreement URL ...](https://github.com/lukas2511/dehydrated/issues/248) you need to use at least dehydrated 0.4.0, for example from stretch-backports. Use:
	18	+
	19	+	```
	20	+	/usr/bin/dehydrated -c --accept-terms && /etc/cron.daily/dehydrated_autorenew
	21	+	```
	22	+
17	23		Linking certs and keys into usual places:
18	24		```
19	25		for CERT in $(awk {'print $1'} /etc/dehydrated/domains.txt); do\
			@@ -24,4 +30,4 @@ for CERT in $(awk {'print $1'} /etc/dehydrated/domains.txt); do\
24	30		done
25	31		```
26	32
27		-	For distributed setups you might want to have a look into [Using redirects](https://nekudo.com/blog/letsencrypt-in-a-multiserver-environment) or [Use and automate letsencrypt certificates (ACME) in an high-availability environment](https://chr4.org/blog/2016/11/14/use-letsencrypt-acme-in-an-high-availability-environment/).
	33	+	For distributed setups you might want to have a look into [Using redirects](https://nekudo.com/blog/letsencrypt-in-a-multiserver-environment) or [Use and automate letsencrypt certificates (ACME) in an high-availability environment](https://chr4.org/blog/2016/11/14/use-letsencrypt-acme-in-an-high-availability-environment/).