From: Lukas Schauer Date: Sun, 22 May 2016 20:34:28 +0000 (+0200) Subject: renamed "config.sh" to "config" X-Git-Tag: v0.3.0~27 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d5b285868e35992027599d25411d80dfd0bf1048;p=thirdparty%2Fdehydrated.git renamed "config.sh" to "config" --- diff --git a/.gitignore b/.gitignore index 64bb6a0..d7bfa9b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,7 @@ private_key.pem private_key.json domains.txt -config.sh +config hook.sh certs/* archive/* diff --git a/CHANGELOG b/CHANGELOG index 39c5fcb..a26cdf5 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -3,6 +3,7 @@ This file contains a log of major changes in letsencrypt.sh ## [x.x.x] - xxxx-xx-xx ## Changed +- Config is now named `config` instead of `config.sh`! - Location of domains.txt is now configurable via DOMAINS_TXT config variable ## [0.2.0] - 2016-05-22 diff --git a/README.md b/README.md index b86d816..3360e52 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ Parameters: --domain (-d) domain.tld Use specified domain name(s) instead of domains.txt entry (one certificate!) --force (-x) Force renew of certificate even if it is longer valid than value in RENEW_DAYS --privkey (-p) path/to/key.pem Use specified private key instead of account key (useful for revocation) - --config (-f) path/to/config.sh Use specified config file + --config (-f) path/to/config Use specified config file --hook (-k) path/to/hook.sh Use specified script for hooks --challenge (-t) http-01|dns-01 Which challenge should be used? Currently http-01 and dns-01 are supported --algo (-a) rsa|prime256v1|secp384r1 Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1 diff --git a/docs/dns-verification.md b/docs/dns-verification.md index 071f0e4..0c07c3f 100644 --- a/docs/dns-verification.md +++ b/docs/dns-verification.md @@ -4,7 +4,7 @@ This script also supports the new `dns-01`-type verification. This type of verif You need a hook script that deploys the challenge to your DNS server! -The hook script (indicated in the config.sh file or the --hook/-k command line argument) gets four arguments: an operation name (clean_challenge, deploy_challenge, or deploy_cert) and some operands for that. For deploy_challenge $2 is the domain name for which the certificate is required, $3 is a "challenge token" (which is not needed for dns-01), and $4 is a token which needs to be inserted in a TXT record for the domain. +The hook script (indicated in the config file or the --hook/-k command line argument) gets four arguments: an operation name (clean_challenge, deploy_challenge, or deploy_cert) and some operands for that. For deploy_challenge $2 is the domain name for which the certificate is required, $3 is a "challenge token" (which is not needed for dns-01), and $4 is a token which needs to be inserted in a TXT record for the domain. Typically, you will need to split the subdomain name in two, the subdomain name and the domain name separately. For example, for "my.example.com", you'll need "my" and "example.com" separately. You then have to prefix "_acme-challenge." before the subdomain name, as in "_acme-challenge.my" and set a TXT record for that on the domain (e.g. "example.com") which has the value supplied in $4 diff --git a/docs/examples/config.sh.example b/docs/examples/config similarity index 93% rename from docs/examples/config.sh.example rename to docs/examples/config index db06bed..336c075 100644 --- a/docs/examples/config.sh.example +++ b/docs/examples/config @@ -2,10 +2,10 @@ # This is the main config file for letsencrypt.sh # # # # This file is looked for in the following locations: # -# $SCRIPTDIR/config.sh (next to this script) # -# /usr/local/etc/letsencrypt.sh/config.sh # -# /etc/letsencrypt.sh/config.sh # -# ${PWD}/config.sh (in current working-directory) # +# $SCRIPTDIR/config (next to this script) # +# /usr/local/etc/letsencrypt.sh/config # +# /etc/letsencrypt.sh/config # +# ${PWD}/config (in current working-directory) # # # # Default values of this config are in comments # ######################################################## diff --git a/docs/examples/domains.txt.example b/docs/examples/domains.txt similarity index 100% rename from docs/examples/domains.txt.example rename to docs/examples/domains.txt diff --git a/docs/examples/hook.sh.example b/docs/examples/hook.sh similarity index 100% rename from docs/examples/hook.sh.example rename to docs/examples/hook.sh diff --git a/docs/hook_chain.md b/docs/hook_chain.md index 9b44290..450c0fd 100644 --- a/docs/hook_chain.md +++ b/docs/hook_chain.md @@ -9,7 +9,7 @@ See below for an example on how the calls change: ### HOOK_CHAIN="no" (default behaviour) ``` -# INFO: Using main config file /etc/letsencrypt.sh/config.sh +# INFO: Using main config file /etc/letsencrypt.sh/config Processing lukas.im with alternative names: www.lukas.im + Checking domain name(s) of existing cert... unchanged. + Checking expire date of existing cert... @@ -37,7 +37,7 @@ HOOK: deploy_cert lukas.im /etc/letsencrypt.sh/certs/lukas.im/privkey.pem /etc/l ### HOOK_CHAIN="yes" ``` -# INFO: Using main config file /etc/letsencrypt.sh/config.sh +# INFO: Using main config file /etc/letsencrypt.sh/config Processing lukas.im with alternative names: www.lukas.im + Checking domain name(s) of existing cert... unchanged. + Checking expire date of existing cert... diff --git a/docs/staging.md b/docs/staging.md index f186243..ec18445 100644 --- a/docs/staging.md +++ b/docs/staging.md @@ -5,7 +5,7 @@ Let’s Encrypt has stringent rate limits in place during the public beta period If you start testing using the production endpoint (which is the default), you will quickly hit these limits and find yourself locked out. -To avoid this, please set the CA property to the Let’s Encrypt staging server URL in your `config.sh` file: +To avoid this, please set the CA property to the Let’s Encrypt staging server URL in your config file: ```bash CA="https://acme-staging.api.letsencrypt.org/directory" diff --git a/letsencrypt.sh b/letsencrypt.sh index 5c5411e..633b318 100755 --- a/letsencrypt.sh +++ b/letsencrypt.sh @@ -51,9 +51,9 @@ load_config() { # Check for config in various locations if [[ -z "${CONFIG:-}" ]]; then for check_config in "/etc/letsencrypt.sh" "/usr/local/etc/letsencrypt.sh" "${PWD}" "${SCRIPTDIR}"; do - if [[ -e "${check_config}/config.sh" ]]; then + if [[ -e "${check_config}/config" ]]; then BASEDIR="${check_config}" - CONFIG="${check_config}/config.sh" + CONFIG="${check_config}/config" break fi done @@ -859,7 +859,7 @@ main() { PARAM_ACCOUNT_KEY="${1}" ;; - # PARAM_Usage: --config (-f) path/to/config.sh + # PARAM_Usage: --config (-f) path/to/config # PARAM_Description: Use specified config file --config|-f) shift 1 diff --git a/test.sh b/test.sh index cda8be7..6c40405 100755 --- a/test.sh +++ b/test.sh @@ -96,10 +96,10 @@ mkdir -p .acme-challenges/.well-known/acme-challenge ) & # Generate config and create empty domains.txt -echo 'CA="https://testca.kurz.pw/directory"' > config.sh -echo 'LICENSE="https://testca.kurz.pw/terms/v1"' >> config.sh -echo 'WELLKNOWN=".acme-challenges/.well-known/acme-challenge"' >> config.sh -echo 'RENEW_DAYS="14"' >> config.sh +echo 'CA="https://testca.kurz.pw/directory"' > config +echo 'LICENSE="https://testca.kurz.pw/terms/v1"' >> config +echo 'WELLKNOWN=".acme-challenges/.well-known/acme-challenge"' >> config +echo 'RENEW_DAYS="14"' >> config touch domains.txt # Check if help command is working @@ -119,8 +119,8 @@ _CHECK_ERRORLOG # Temporarily move config out of the way and try signing certificate by using temporary config location _TEST "Try signing using temporary config location and with domain as command line parameter" -mv config.sh tmp_config.sh -./letsencrypt.sh --cron --domain "${TMP_URL}" --domain "${TMP2_URL}" -f tmp_config.sh > tmplog 2> errorlog || _FAIL "Script execution failed" +mv config tmp_config +./letsencrypt.sh --cron --domain "${TMP_URL}" --domain "${TMP2_URL}" -f tmp_config > tmplog 2> errorlog || _FAIL "Script execution failed" _CHECK_NOT_LOG "Checking domain name(s) of existing cert" _CHECK_LOG "Generating private key" _CHECK_LOG "Requesting challenge for ${TMP_URL}" @@ -129,11 +129,11 @@ _CHECK_LOG "Challenge is valid!" _CHECK_LOG "Creating fullchain.pem" _CHECK_LOG "Done!" _CHECK_ERRORLOG -mv tmp_config.sh config.sh +mv tmp_config config # Move private key and add new location to config mv private_key.pem account_key.pem -echo 'PRIVATE_KEY="./account_key.pem"' >> config.sh +echo 'PRIVATE_KEY="./account_key.pem"' >> config # Add third domain to command-lime, should force renewal. _TEST "Run in cron mode again, this time adding third domain, should force renewal." @@ -161,7 +161,7 @@ _CHECK_LOG "Skipping renew" _CHECK_ERRORLOG # Disable private key renew -echo 'PRIVATE_KEY_RENEW="no"' >> config.sh +echo 'PRIVATE_KEY_RENEW="no"' >> config # Run in cron mode one last time, with domain in domains.txt and force-resign (should find certificate, resign anyway, and not generate private key) _TEST "Run in cron mode one last time, with domain in domains.txt and force-resign" @@ -189,7 +189,7 @@ rm account_key.pem # Check if renewal works _TEST "Run in cron mode again, to check if renewal works" -echo 'RENEW_DAYS="300"' >> config.sh +echo 'RENEW_DAYS="300"' >> config ./letsencrypt.sh --cron > tmplog 2> errorlog || _FAIL "Script execution failed" _CHECK_LOG "Checking domain name(s) of existing cert... unchanged." _CHECK_LOG "Renewing!"