neil
e275cb1efd
fix shellcheck warnings
2022-11-23 21:33:29 +08:00
neil
60315e5b91
fix shellcheck warnings
2022-11-23 21:28:17 +08:00
neil
6c8a623b88
Merge pull request #4329 from lippertmarkus/patch-1
...
[Deploy: synology_dsm] Make usage of DID with 2FA working for DSM 7
2022-10-05 14:18:37 +08:00
sasburg
e02f07d356
add parked_domans
2022-10-01 18:11:46 -07:00
sasburg
2c90d220b8
Updated comment to reflect the change to function
2022-10-01 17:47:13 -07:00
Markus Lippert
a7dd86de71
fix(deploy-synology_dsm): support DID with DSM 7
2022-09-29 12:22:45 +02:00
srirams
c541a2e5de
add addon_domans
2022-09-28 18:22:13 -05:00
Danny Tix
b44ba0d21a
Add wildcard deployment to cpanel_uapi
2022-08-17 23:51:23 -08:00
neil
afc0097b12
Merge pull request #4139 from wsellitti/proxmoxve
...
deploy api script to upload certs to proxmox using proxmox api
2022-07-11 22:23:02 +08:00
neil
4e9f971c91
Merge pull request #4170 from SecT0uch/patch-1
...
Fix ecc certificates
2022-07-11 22:13:24 +08:00
Ry3nlNaToR
41801a60ad
Also restart postfix
2022-07-09 14:30:18 +01:00
Jordan ERNST
2cbf1259a8
Fix for ECC certificates
2022-07-07 17:20:23 +02:00
neil
9b79743c5d
Update proxmoxve.sh
2022-06-23 14:12:53 +08:00
neil
a386826808
Update proxmoxve.sh
2022-06-23 14:11:36 +08:00
neil
668894fc4d
Update proxmoxve.sh
2022-06-23 14:08:24 +08:00
William Sellitti
799f509ba9
typo
2022-06-22 23:19:12 -04:00
William Sellitti
b3b4811b2c
added savedeployconf to preserve environment variables usedi in initial deployments
2022-06-19 22:01:56 -04:00
William Sellitti
966e4246e5
Merge branch 'proxmoxve' of gitlab.lan.home.wesitcllc.com:software/upstream/acme.sh into proxmoxve
2022-06-19 01:49:51 -04:00
William Sellitti
9377c4f3ad
Merge branch 'proxmoxve' of github.com:wsellitti/acme.sh into proxmoxve
2022-06-19 01:46:45 -04:00
William Sellitti
b876128635
forced content-type to json
2022-06-19 01:46:10 -04:00
William Sellitti
c0da801580
Revert "'+' are being converted to ' ' at some point"
...
This reverts commit 149310e1ec
.
2022-06-18 17:00:36 -04:00
William Sellitti
149310e1ec
'+' are being converted to ' ' at some point
2022-06-18 16:58:15 -04:00
William Sellitti
4e625c18dc
Revert "seems like the escaped new lines aren't remaining escaped new lines with the new version of curl"
...
This reverts commit a5d5113be3
.
2022-06-18 16:56:46 -04:00
William Sellitti
a5d5113be3
seems like the escaped new lines aren't remaining escaped new lines with the new version of curl
2022-06-18 16:55:12 -04:00
William Sellitti
7900c493af
debugging for the payload
2022-06-18 16:43:25 -04:00
William Sellitti
76fe5d8831
those where flipped by mistake
2022-06-18 16:39:32 -04:00
William Sellitti
37031721dd
typo
2022-06-18 15:52:18 -04:00
William Sellitti
3cc283cbee
not generating files any more
2022-06-18 15:44:25 -04:00
William Sellitti
35cf98fff2
sensititive things debugged at a higher level
2022-06-18 15:41:38 -04:00
William Sellitti
ca41ea2d5c
added _getdeployconf to set all of the environment variables
2022-06-18 15:40:05 -04:00
William Sellitti
daffc4e6a4
typo, using _H1 to provide header keys.
2022-06-18 12:21:14 -04:00
William Sellitti
5f3cb9019b
fixed to use _post function instead of curl
2022-06-18 12:18:33 -04:00
neil
7be7586971
Update proxmoxve.sh
2022-06-18 15:01:38 +08:00
William Sellitti
6d64098288
shell check war warning against unnecessary use of cat
2022-06-14 23:46:09 -04:00
William Sellitti
4351110082
properly quoted variable names
2022-06-14 22:38:06 -04:00
William Sellitti
6652138d3e
fixed per shellcheck's preference for -n
instead of ! -z
2022-06-14 22:33:38 -04:00
William Sellitti
c8d0d475e4
deploy api script to upload certs to proxmox using proxmox api
2022-06-11 13:49:31 -04:00
Debian Bear
b169a5c707
change _dbase64 to single line
2022-06-08 22:44:10 +08:00
neil
d2a9d731ed
Update ssh.sh
2022-05-24 22:25:44 +08:00
PM Extra
3ce7d410c8
improve doc comments
2022-05-14 22:59:02 +08:00
PM Extra
74f28021e7
fix format again
2022-05-14 22:49:40 +08:00
PM Extra
f90cbb636a
fix format
2022-05-14 22:41:59 +08:00
PM Extra
c8929ca0cb
support specifying port for each host
2022-05-14 22:29:48 +08:00
PM Extra
9fb5bb620d
refact ssh hook to use deploy config
2022-05-14 22:28:02 +08:00
PM Extra
ed58f32052
Merge branch 'dev' into feature/ssh_scp
2022-05-14 15:43:26 +08:00
quthla
08ae8cc3cb
Fix
2022-04-11 11:39:21 +02:00
quthla
201673ca8a
Store Mailcow deploy parameters
2022-04-11 00:29:55 +02:00
neil
6fb8c0ec4c
Merge pull request #3989 from abiessmann/deploy_routeros_handle_remote_errors
...
deploy/routeros: handle errors
2022-03-20 13:30:58 +08:00
neil
499ea07934
Merge pull request #3993 from imgrant/deploy-truenas-s3-feature
...
feat: Configure TrueNAS S3 certificate
2022-03-20 12:34:58 +08:00
Ian Grant
afa06267a2
style: Neaten up some of the info & error messages, fix some typos
2022-03-19 20:39:48 +00:00
Ian Grant
d4a6d9c076
fix: Adjust the sed extraction of certificate ID from JSON response
...
Prior to this, an error in the regex didn't match. Resolves #3992 (TrueNAS deploy hook fails to set certificate for FTP or WebDAV)
2022-03-19 20:38:47 +00:00
Ian Grant
c3f6112443
feat: Configure certificate for TrueNAS S3 service (MinIO)
2022-03-19 20:36:11 +00:00
Andreas Bießmann
3411b736dd
deploy/routeros: add error handling for scp
...
In order to stop processing on failure to copy certificate
to remote side, fail on error of scp command.
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
2022-03-18 09:10:12 +01:00
Andreas Bießmann
c603b9c40b
deploy/routeros: add error handling for ssh
...
In order to detect errorneous scripts on remote side, catch return code
and handle it respectively.
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
Reviewed-by: Ross Shen @sjtuross
2022-03-18 09:07:59 +01:00
Andreas Bießmann
9d6d96adf3
deploy/routeros.sh: fix routeros script
...
Commit c46ceb06b4
introduced an error in
routeros script.
Fix it!
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
2022-03-17 12:24:42 +01:00
fradev
b37bf06de8
Update ssh.sh
2022-03-01 17:57:59 +01:00
fradev
27bbf0ccaf
Merge branch 'acmesh-official:master' into master
2022-03-01 17:44:46 +01:00
Andreas Bießmann
c46ceb06b4
deploy/routeros.sh: change DEPLOY_SCRIPT_CMD
...
This set the owner of script to ssh user, have the comment line in script
as real comment and removes policy since this is set from current user,
at least for RouterOS 7.x.
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
2022-02-19 14:13:01 +01:00
Andreas Bießmann
92e4ecce3b
deploy/routeros.sh: remove all certificates
...
As the script is applying the fullchain which includes three certificates,
delete all of them before applying updated certificate.
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
2022-02-19 14:13:01 +01:00
Andreas Bießmann
8a2f673903
deploy/routeros.sh: make ssh/scp configurable
...
In order to modify ssh/scp commands make them configurable via
environment variables.
Signed-off-by: Andreas Bießmann <andreas@biessmann.org>
2022-02-19 14:12:59 +01:00
Mac_Zhou
205e95a246
Add environment variables ROUTER_OS_PORT
2022-02-10 11:29:09 +08:00
John Elliott
3a99a77104
Update return statement
2022-02-07 21:55:12 -08:00
John Elliott
5ce8050e46
Update missing oathtool check
2022-02-07 11:58:14 -08:00
John Elliott
5ae3a020bd
Add err log for missing oathtool in Synology
...
Alerts the user that the oathtool is missing and the TOTP can't be
generated.
2022-02-07 11:53:24 -08:00
Ross Shen
67c990e8cf
omv deploy hook: add usage comments
2022-01-20 17:46:47 +08:00
Ross Shen
0292e20c86
omv deploy hook: support both local and remote deployment
2022-01-20 17:27:11 +08:00
Ross Shen
a78a4e6716
omv deploy hook: shellcheck disable=SC2029
2022-01-19 21:42:17 +08:00
Ross Shen
6bbf927f57
omv deploy hook: separate DEPLOY_OMV_WEBUI_ADMIN and DEPLOY_OMV_SSH_USER
2022-01-19 21:13:02 +08:00
Ross Shen
dca9def42c
add remote deploy hook for openmediavault 5
...
based on #3757
2022-01-19 12:36:54 +08:00
Ross Shen
edee7ea284
routeros deploy hook: store the env vars within the domainconf
...
related to #2344 and #2413
2022-01-16 20:46:09 +08:00
neil
658d09ed84
Merge pull request #3396 from F-Plass/master
...
deploy scipt for TrueNAS Server using REST API
2022-01-16 08:17:49 +08:00
Sergey Pashinin
7e7291ace9
Support Vault KV v2 ( #3502 )
2022-01-09 11:01:38 +08:00
neil
c959d64099
Merge pull request #3807 from dacrystal/topic/synology_dsm-otp_code
...
Add SYNO_TOTP_SECRET for user with two-factor authentication enabled
2022-01-08 20:03:13 +08:00
Frank Wall
6aa1ec0802
deploy/fritzbox: allow hook to be used with multiple fritzboxes
...
Previously the deploy hook config was stored in the account config.
This seems odd and adds unnecessary limitations to the hook.
Now we're using the correct _*deployconf() functions to read and
write the deploy hook config.
2022-01-06 16:20:43 +01:00
fradev
71a32477e4
Merge branch 'acmesh-official:master' into master
2021-12-20 09:28:19 +01:00
F-Plass
b203f2abaa
Merge branch 'acmesh-official:master' into master
2021-12-03 17:18:44 +01:00
Nasser Alansari
4635dacf7f
Add SYNO_TOTP_SECRET for user with two-factor authentication
2021-11-13 13:01:38 +03:00
F-Plass
3bcb91f6ae
Update truenas.sh
...
solved the problem of UI-Restart after 12.0-U3
2021-11-11 23:03:00 +01:00
Miguel Angelo
a31ed4a723
Notify user about a possible problem when using synology_dsm.sh with 2fa enabled user account
2021-11-01 01:40:14 -03:00
neil
fba6de76b1
Merge pull request #3687 from gstrauss/use-getdeployconf
...
use _getdeployconf instead of sourcing DOMAIN_CONF
2021-10-01 12:41:12 +08:00
Glenn Strauss
8419b42e83
use ${ACME_OPENSSL_BIN:-openssl} instead of openssl
...
(requested by @Neilpang in #3687 )
2021-09-30 19:00:39 -04:00
Nookery
2447fccf1e
name="snis" => name="snis[]"
...
kong 2.5.x,snis参数是一个数组
2021-09-04 16:59:50 +08:00
Glenn Strauss
c43c711f72
use _getdeployconf instead of sourcing DOMAIN_CONF
...
(requested by @Neilpang in #3394 )
github: closes #3394
2021-09-01 16:37:10 -04:00
Michael Weber
f354e6de69
lighttpd deploy hook
...
* verbatim copy from haproxy.sh, s/haproxy/lighttpd
* enable issuer
2021-09-01 16:33:24 -04:00
fradev
08d60fcbf2
Update ssh.sh
...
shfmt formatting
2021-08-30 11:32:07 +02:00
fradev
4cda54774a
Update ssh.sh
...
SC2086 and SC2215
2021-08-30 11:17:03 +02:00
fradev
613475ac26
Update ssh.sh
2021-08-30 11:08:06 +02:00
fradev
20d23fcb92
Update ssh.sh
...
Added scp mode for copy the certs
2021-08-25 16:55:36 +02:00
neil
f41f93af3a
Merge pull request #3491 from bgarret/consul-deploy-hook
...
Consul deploy hooks
2021-06-24 20:25:01 +08:00
Brian Hartvigsen
dcb51683c5
shellcheck cleanup
...
shellcheck sees '\\' as trying to escape the trailing quote (see
koalaman/shellcheck#1548 ).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen
74a4a788b1
Make certificate descriptions sed safe
...
This escapes special characters used in POSIX sed to prevent mismatches.
e.g. `SYNO_Certficiate=*.example.com` would not match a description of
"*.example.com" and would look to match any number of double quotes (the
last character in the sed regex prior to certificate description),
followed by any single character, followed by "example", followed by any
character, followed by "com".
After this change, it will properly match `*.example.com` and not
`""zexamplefcom`.
Additionally we now store the certificate description as base64 encoded
to prevent issues with single quotes.
Tested on DSM 7.0-41222 (VDSM) and DSM 6.2.4-25556 (DS1515+).
2021-05-26 15:25:58 -06:00
Brian Hartvigsen
5ab9ca1c0d
Better fix for Synology DSM setting wrong default
...
As noted by @buxm, previous fix didn't work for all versions of DSM 6.
The better fix appears to be simply not outputting the "as_default"
parameter unless we are doing something with the default certificate.
2021-05-19 13:21:34 -06:00
Benoit Garret
07afc4953a
Fix the shfmt check
2021-05-07 12:12:30 +02:00
neil
8c14150536
Merge pull request #3350 from temoffey/deploy-gcore_cdn
...
Deploy gcore_cdn fix
2021-05-05 23:48:37 +08:00
Benoit Garret
c127903127
Add Consul deploy hook
2021-05-05 10:01:09 +02:00
Brian Hartvigsen
1a4a180e8c
FIX: Synology sets "default" on wrong certificate
...
For some DSM installs, it appears that setting the "default" flag to the
string "false" actually sets it to true. This causes Synology to set
the last updated certificate to be the default certificate. Using an
empty string appears to still be accepted as a false-y value for DSMs
where this isn't happening and corrects the behavior in the cases that
it was.
Credit to @Run-King for identifying the fix and @buxm for reporting.
2021-05-02 13:37:59 -06:00
neil
e71238571a
Merge pull request #3464 from jpbede/cleverreach-deploy-sublient
...
CleverReach Deploy Hook: Allow deploy to agency subaccounts
2021-04-04 19:03:33 +08:00
Jan-Philipp Benecke
2867ec509e
Make CI happy
2021-03-30 09:18:33 +02:00
Jan-Philipp Benecke
d853a9ebbe
Make uploading cert to subaccount possible
2021-03-30 09:13:32 +02:00
Christophe Le Guern
cc90f83463
Use 'vault kv put' instead of 'vault write'
...
When using vault_cli with a kv2 path, it isn't working. I have the following error:
```
WARNING! The following warnings were returned from Vault:
* Invalid path for a versioned K/V secrets engine. See the API docs for the
appropriate API endpoints to use. If using the Vault CLI, use 'vault kv put'
for this operation.
```
The new way to write data is to use `vault kv put`, it is compatible with kv1 and kv2.
Ref: https://www.vaultproject.io/docs/commands#reading-and-writing-data
```
The original version of K/V used the common read and write operations. A more advanced K/V Version 2 engine was released in Vault 0.10 and introduced the kv get and kv put commands.
```
2021-03-29 15:10:14 +02:00