itamae-plugin-recipe-letsencrypt 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6d57482fc3ee6cbc81e4dcad691680b12bd17143
|
|
4
|
+
data.tar.gz: d4fd1e4c4e72ff288716db58ffb148a17fa9c1df
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 623fcaeaa4a1e8cf5bd67be21b8b1250499a76080bba6011f1e28f9be0dec20f06b0c4fee02fa68180cb8c8f938f2dbb4068ac91461302475c30731211b22824
|
|
7
|
+
data.tar.gz: 2a7d17b4b81bff06ea8d14ef86e68282d461a598591baf0622d1487607a9e42c58d751551b53131efd92537138f3f28e8d6f45335ac7584b49c5ff5584925304
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# Itamae::Plugin::Recipe::Letsencrypt
|
|
2
2
|
|
|
3
|
-
This gem is [itamae](https://github.com/ryotarai/itamae) plugin.
|
|
3
|
+
This gem is [itamae](https://github.com/ryotarai/itamae) plugin.
|
|
4
4
|
Get certificate of domain from [Let's Encrypt](https://letsencrypt.org/)
|
|
5
5
|
|
|
6
6
|
## Installation
|
|
@@ -22,7 +22,7 @@ Or install it yourself as:
|
|
|
22
22
|
## Support
|
|
23
23
|
- Debian GNU/Linux 8 (jessie)
|
|
24
24
|
|
|
25
|
-
I have not confirmed it in other environments yet
|
|
25
|
+
I have not confirmed it in other environments yet
|
|
26
26
|
I will check in turn
|
|
27
27
|
|
|
28
28
|
## Usage
|
|
@@ -44,12 +44,16 @@ letsencrypt:
|
|
|
44
44
|
cron_user: root
|
|
45
45
|
cron_file_path: /etc/cron.d/itamae-letsencrypt
|
|
46
46
|
cron_configuration: true
|
|
47
|
-
challenge_type: 'http-01' # port80 is http-01, port443 is tls-sni-01
|
|
47
|
+
challenge_type: 'http-01' # port80 is http-01, port443 is tls-sni-01
|
|
48
48
|
domains:
|
|
49
49
|
- test.example.com
|
|
50
50
|
- test2.example.com
|
|
51
|
+
authenticator: standalone # standalone, webroot
|
|
52
|
+
webroot_path: /var/www/example
|
|
53
|
+
debug_mode: false
|
|
51
54
|
```
|
|
52
55
|
|
|
56
|
+
**Process of the port selected by `challenge_type` needs to be stopped**
|
|
53
57
|
|
|
54
58
|
|
|
55
59
|
## Contributing
|
|
@@ -64,4 +68,3 @@ letsencrypt:
|
|
|
64
68
|
## License
|
|
65
69
|
|
|
66
70
|
The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
|
|
67
|
-
|
|
@@ -4,10 +4,17 @@ cron_text = <<-EOS
|
|
|
4
4
|
0 0 1 * * #{node[:letsencrypt][:cron_user]} #{node[:letsencrypt][:certbot_auto_path]} renew
|
|
5
5
|
EOS
|
|
6
6
|
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
file node[:letsencrypt][:cron_file_path] do
|
|
8
|
+
content cron_text
|
|
9
9
|
end
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
service_name = case node[:platform]
|
|
12
|
+
when 'amazon'
|
|
13
|
+
'crond'
|
|
14
|
+
else
|
|
15
|
+
'cron'
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
service service_name do
|
|
12
19
|
action :start
|
|
13
20
|
end
|
|
@@ -4,26 +4,47 @@ node.reverse_merge!(
|
|
|
4
4
|
cron_user: 'root',
|
|
5
5
|
cron_file_path: '/etc/cron.d/itamae-letsencrypt',
|
|
6
6
|
cron_configuration: true,
|
|
7
|
-
challenge_type: 'http-01'
|
|
7
|
+
challenge_type: 'http-01',
|
|
8
|
+
authenticator: 'standalone',
|
|
9
|
+
debug_mode: false,
|
|
8
10
|
}
|
|
9
11
|
)
|
|
10
12
|
|
|
11
13
|
execute 'download certbot-auto' do
|
|
12
14
|
command "wget https://dl.eff.org/certbot-auto -O #{node[:letsencrypt][:certbot_auto_path]}"
|
|
15
|
+
not_if "test -f #{node[:letsencrypt][:certbot_auto_path]}"
|
|
13
16
|
end
|
|
14
17
|
|
|
15
18
|
execute 'change certbot-auto permission' do
|
|
16
19
|
command "chmod a+x #{node[:letsencrypt][:certbot_auto_path]}"
|
|
20
|
+
not_if "test -x #{node[:letsencrypt][:certbot_auto_path]}"
|
|
17
21
|
end
|
|
18
22
|
|
|
19
23
|
execute 'install dependency package' do
|
|
20
|
-
|
|
24
|
+
cmd = "#{node[:letsencrypt][:certbot_auto_path]} -n --os-packages-only"
|
|
25
|
+
cmd << ' --debug' if node[:letsencrypt][:debug_mode]
|
|
26
|
+
command cmd
|
|
27
|
+
not_if "test -n \"$(#{cmd} --dry-run | grep 'OS packages installed.')\""
|
|
21
28
|
end
|
|
22
29
|
|
|
23
30
|
# get each domain certificate
|
|
24
31
|
node[:letsencrypt][:domains].each do |domain|
|
|
25
32
|
execute "get #{domain} certificate" do
|
|
26
|
-
|
|
33
|
+
cmd = [
|
|
34
|
+
node[:letsencrypt][:certbot_auto_path],
|
|
35
|
+
'certonly',
|
|
36
|
+
'--agree-tos',
|
|
37
|
+
"-d #{domain}",
|
|
38
|
+
"-m #{node[:letsencrypt][:email]}",
|
|
39
|
+
"-a #{node[:letsencrypt][:authenticator]}",
|
|
40
|
+
'--keep',
|
|
41
|
+
'-n',
|
|
42
|
+
"--preferred-challenges #{node[:letsencrypt][:challenge_type]}",
|
|
43
|
+
]
|
|
44
|
+
cmd << "-w #{node[:letsencrypt][:webroot_path]}" if node[:letsencrypt][:webroot_path]
|
|
45
|
+
cmd << '--debug' if node[:letsencrypt][:debug_mode]
|
|
46
|
+
command cmd.join(' ')
|
|
47
|
+
not_if "test -d /etc/letsencrypt/live/#{domain}"
|
|
27
48
|
end
|
|
28
49
|
end
|
|
29
50
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: itamae-plugin-recipe-letsencrypt
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yusaku Hatanaka (hatappi)
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|