nihilist/acme.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,371 Commits 8 Branches 43 Tags 11 MiB
e09d45c844
Commit Graph

486 Commits

Author SHA1 Message Date
William Lallemand
e09d45c844 haproxy; don't use '*' in the filename for wildcard domain 
By default acme.sh uses the '*' character in the filename for wildcard.
That can be confusing within HAProxy since the * character in front of a
filename in the stat socket is used to specified an uncommitted
transaction.

This patch replace the '*' by a '_' in the filename.
This is only done when using the default filename, the name can still be
forced with an asterisk.
 2023-12-01 15:35:31 +01:00
William Lallemand
36fc321096 haproxy: use the master CLI for hot update 
DEPLOY_HAPROXY_MASTER_CLI allows to use the HAProxy master CLI instead
of a stats socket for DEPLOY_HAPROXY_HOT_UPDATE="yes"

The syntax of the master CLI is slightly different, a prefix with the
process number need to be added before any command.

This patch uses ${_cmdpfx} in front of every socat commands which is
filled when the master CLI is used.
 2023-11-30 15:22:51 +01:00
William Lallemand
98a7a01dbb haproxy: deploy script can add a new certificate over the stats socket 
DEPLOY_HAPROXY_HOT_UPDATE="yes" now allows to add a new certificate
within HAProxy instead of updating an existing one.

In order to work, the ${DEPLOY_HAPROXY_PEM_PATH} value must be used as a
parameter to the "crt" keyword in the haproxy configuration.

The patch uses the following commands over HAProxy stats socket:
- show ssl cert
- new ssl cert
- set ssl cert
- commit ssl cert
- add ssl crt-list
 2023-11-30 14:00:44 +01:00
William Lallemand
0f7be90500 haproxy: deploy script can update existing certificate over stats socket 
Since version 2.2, HAProxy is able to update dynamically certificates,
without a reload.

This patch uses socat to push the certificate into HAProxy in order to
achieve hot update. With this method, reloading is not required.
This should be used only to update an existing certificate in haproxy.

2 new variables are available:

- DEPLOY_HAPROXY_HOT_UPDATE="yes" update over the stats socket instead
  of reloading

- DEPLOY_HAPROXY_STATS_SOCKET="UNIX:/run/haproxy/admin.sock" set the path on
  the stats socket.
 2023-11-30 14:00:44 +01:00
William Lallemand
7aaf4432d4 haproxy: sanitize the PEM in the deploy script 
Sanitize the PEM of the haproxy deploy script by removing the '\n', this
way it could be injected directly over the CLI.
 2023-11-30 14:00:41 +01:00
neil
884a8995b4
Merge pull request #4853 from Max13/deploy/proxmoxve 
Fix typo in proxmoxve deploy hook
 2023-11-22 09:19:51 +01:00
Adnan RIHAN
00dbc3881f
Fixed variables 2023-11-01 20:02:16 +01:00
podguzovvasily
8ca5ca6594
Update haproxy.sh 
resolved issue with HAProxy https://github.com/acmesh-official/acme.sh/issues/4788
according https://serversforhackers.com/c/letsencrypt-with-haproxy
 2023-10-24 16:58:47 +03:00
Romeo Dumitrescu
87a7bde618 fix: Synology DSM API path regex 
Fix the regex for looking up the API path value from the Synology API query.
 2023-09-25 18:43:01 +03:00
Martin Arndt
b793dbf977
Fix device ID property name for DSM 6 2023-08-11 17:55:45 +02:00
Martin Arndt
d52b38777a
Fix Auth API access for DSM 6 2023-08-09 19:52:37 +02:00
sg1888
1984f44ffe Shell formatting 2023-07-18 20:18:12 +00:00
sg1888
02de281e40 Removed unused variable 2023-07-18 20:15:46 +00:00
sg1888
ae035deb92 Fixed shell check errors 2023-07-18 20:10:31 +00:00
sg1888
edd1b60c3d Removed ability to specify API key to facilitate future multiple host functionality. 2023-07-18 19:43:47 +00:00
sg1888
62a2ce1d35 Merge remote-tracking branch 'upstream/dev' into panos-ecc-fix 2023-07-12 00:22:03 +00:00
sg1888
b556908cab Modified ECC file test 2023-07-12 00:03:21 +00:00
sg1888
e69a19db5c Incorporated partial commit to address issue #4198 2023-07-11 23:56:41 +00:00
sg1888
d86414febb Excluded scopes for api key test 2023-07-11 23:41:24 +00:00
sg1888
832318fab1 Merge remote-tracking branch 'upstream/master' into panos-ecc-fix 2023-07-11 20:25:43 +00:00
Martin Arndt
0d7b831661
Fix variable initialization 2023-07-04 16:58:14 +02:00
Martin Arndt
0c9e4f67a8
Update synology_dsm.sh 
Split "[ && ]" into "[ ] && [ ]" to make ShellCheck happy
 2023-07-04 15:55:44 +02:00
Martin Arndt
db3f131dfc
Re-add deprecated SYNO_TOTP_SECRET part for legacy compatibility 
As requested in acmesh-official/acme.sh/pull/4646 by Neil Pang
 2023-07-04 15:47:19 +02:00
Martin Arndt
d7f58c64f8
Merge branch 'acmesh-official:master' into patch-1 2023-07-04 14:57:19 +02:00
Martin Arndt
0548ad2fc6
Fix debug output of session ID 2023-05-28 22:33:15 +02:00
Martin Arndt
623d615cd7
Remove external OTP dependency from synology_dsm.sh 
Also adapt to DSM 7's API improvements.
 2023-05-28 21:42:53 +02:00
sg1888
126df9647b Modified keytest to perform a partial empty commit 2023-05-24 18:51:57 +00:00
sg1888
2e2e7cd054 Added ability to force commit to firewall. Username is now also mandatory 2023-05-17 20:06:06 +00:00
sg1888
0ebc9f7a44 Fixed typo 2023-05-15 01:46:21 +00:00
sg1888
a8fba65cbd Cleaned up verbiage. Added ability to store / update user variable. Added ability to use user/pass OR key 2023-05-15 01:43:54 +00:00
sg1888
7623025b90 Fixes for POSIX sh shell 2023-04-24 18:45:50 +00:00
neilpang
b937665b90 minor 2023-04-23 13:18:17 +08:00
neilpang
a7bc2293c0 fix https://github.com/acmesh-official/acme.sh/issues/4612#issuecomment-1518929996 2023-04-23 13:16:12 +08:00
sg1888
df753e2619 Added functionality to save and reuse API key 2023-04-12 22:00:53 +00:00
sg1888
cbb7082afd Fixed bug with wildcard certs and ecc keys 2023-03-31 00:33:44 +00:00
neilpang
2690c05781 fix format 2023-01-28 15:28:06 +08:00
neilpang
e3b688c9d8 fix format 2023-01-28 15:26:54 +08:00
neilpang
41b6f18a5d fix format 2023-01-28 15:25:50 +08:00
neilpang
5a59c39036 fix format 2023-01-28 15:24:21 +08:00
neil
a02dd18ad7
Merge pull request #4414 from beartom/master 
Update truenas.sh to deploy certificate for TrueCharts
 2023-01-28 15:20:10 +08:00
neil
40002e8040
Merge pull request #4447 from PMExtra/feature/vault 
improve vault and vault_cli deployhooks
 2023-01-24 18:49:18 +08:00
neil
ffed1a4afa
Merge pull request #4468 from DreamOfIce/master 
Update deploy script for gcore
 2023-01-20 09:11:23 +08:00
冰雪殇璃陌梦
1bfd3642e8
Update gcore_cdn.sh 2023-01-19 10:19:05 +08:00
PMExtra
1ccfa96c2e improve logging 2022-12-28 02:47:49 +08:00
PMExtra
ed63eb6833 migrate FABIO to VAULT_FABIO_MODE and persist it 2022-12-23 19:34:31 +08:00
PMExtra
b8d0d3c242 improve chain.pem exists evaluating 2022-12-23 19:17:37 +08:00
PMExtra
fe1bfe9ae1 improve vault and vault_api deployhooks 2022-12-23 18:59:01 +08:00
neil
63869deeb2
Merge pull request #4091 from PMExtra/feature/ssh_scp 
Refact ssh hook to use deploy config, support scp and support specifying port
 2022-12-03 13:58:31 +08:00
beartom
bd2d0e6ad3
Format 
Format
 2022-11-28 20:59:10 +08:00
beartom
04a5d794ac
Update truenas.sh for certificate in chart release 
Update certificate in chart release of TrueCharts if any chart release Apps is using the same certificate as TrueNAS web UI.
 2022-11-27 21:55:01 +08:00