Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
566 Commits
13 Branches
28 Tags
2.5 MiB
Tree: 2376d83d01
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2376d83d01'
${ noResults }
acmed/config/default_hooks.toml

157 lines
3.8 KiB
Raw Normal View History

ACMEd v0.7.0
5 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Add an option to stop or continue after a failed hook
6 years ago
Add default hooks
6 years ago
Fix the default hooks
1 year ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Fix the http-01-echo default hook
6 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Add an option to stop or continue after a failed hook
6 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Add an option to stop or continue after a failed hook
6 years ago
Add default hooks
6 years ago
Allow to configure environment variables for a given certificate Sometimes, you want hooks to use different parameters depending on the certificate. In order to achieve this, it is now now possible to configure environment variables at certificate scope. Thanks to this, the default hooks have been rewrote in order to use cover more use cases.
6 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Fix the default hooks
1 year ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Fix the default hooks
1 year ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Add an option to stop or continue after a failed hook
6 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Add an option to stop or continue after a failed hook
6 years ago
Add default hooks
6 years ago
Fix the tls-alpn-01-tacd-unix hook name
6 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Re-create accounts dropped by the endpoint The previous commit added a small regression: if an account has been dropped by the endpoint, it was not re-created. This commit fixes this.
4 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Change the template engine to MiniJinja
2 years ago
Add default hooks
6 years ago
Re-create accounts dropped by the endpoint The previous commit added a small regression: if an account has been dropped by the endpoint, it was not re-created. This commit fixes this.
4 years ago
Add default hooks
6 years ago
  1. # Copyright (c) 2019-2020 Rodolphe Bréard <rodolphe@breard.tf>
  2. #
  3. # Copying and distribution of this file, with or without modification,
  4. # are permitted in any medium without royalty provided the copyright
  5. # notice and this notice are preserved. This file is offered as-is,
  6. # without any warranty.
  8. # ------------------------------------------------------------------------
  9. # Default hooks for ACMEd
  10. # You should not edit this file since it may be overridden by a newer one.
  11. # ------------------------------------------------------------------------
  14. #
  15. # http-01 challenge in "/var/www/{{ identifier }}/"
  16. #
  18. [[hook]]
  19. name = "http-01-echo-mkdir"
  20. type = ["challenge-http-01"]
  21. cmd = "mkdir"
  22. args = [
  23. "-m", "0755",
  24. "-p", "{{ env.HTTP_ROOT | default('/var/www') }}/{{ identifier }}/.well-known/acme-challenge"
  25. ]
  26. allow_failure = true
  28. [[hook]]
  29. name = "http-01-echo-echo"
  30. type = ["challenge-http-01"]
  31. cmd = "echo"
  32. args = ["{{ proof }}"]
  33. stdout = "{{ env.HTTP_ROOT | default('/var/www') }}/{{ identifier }}/.well-known/acme-challenge/{{ file_name }}"
  35. [[hook]]
  36. name = "http-01-echo-chmod"
  37. type = ["challenge-http-01"]
  38. cmd = "chmod"
  39. args = [
  40. "a+r",
  41. "{{ env.HTTP_ROOT | default('/var/www') }}/{{ identifier }}/.well-known/acme-challenge/{{ file_name }}"
  42. ]
  43. allow_failure = true
  45. [[hook]]
  46. name = "http-01-echo-clean"
  47. type = ["challenge-http-01-clean"]
  48. cmd = "rm"
  49. args = [
  50. "-f",
  51. "{{ env.HTTP_ROOT | default('/var/www') }}/{{ identifier }}/.well-known/acme-challenge/{{ file_name }}"
  52. ]
  53. allow_failure = true
  55. [[group]]
  56. name = "http-01-echo"
  57. hooks = [
  58. "http-01-echo-mkdir",
  59. "http-01-echo-echo",
  60. "http-01-echo-chmod",
  61. "http-01-echo-clean"
  62. ]
  65. #
  66. # tls-alpn-01 challenge with tacd
  67. #
  69. [[hook]]
  70. name = "tls-alpn-01-tacd-start-tcp"
  71. type = ["challenge-tls-alpn-01"]
  72. cmd = "tacd"
  73. args = [
  74. "--pid-file", "{{ env.TACD_PID_ROOT | default('/run') }}/tacd_{{ identifier }}.pid",
  75. "--domain", "{{ identifier_tls_alpn }}",
  76. "--acme-ext", "{{ proof }}",
  77. "--listen", "{{ env.TACD_PORT | default('5001') }}"
  78. ]
  80. [[hook]]
  81. name = "tls-alpn-01-tacd-start-unix"
  82. type = ["challenge-tls-alpn-01"]
  83. cmd = "tacd"
  84. args = [
  85. "--pid-file", "{{ env.TACD_PID_ROOT | default('/run') }}/tacd_{{ identifier }}.pid",
  86. "--domain", "{{ identifier_tls_alpn }}",
  87. "--acme-ext", "{{ proof }}",
  88. "--listen", "unix:{{ env.TACD_SOCK_ROOT | default('/run') }}/tacd_{{ identifier }}.sock"
  89. ]
  91. [[hook]]
  92. name = "tls-alpn-01-tacd-kill"
  93. type = ["challenge-tls-alpn-01-clean"]
  94. cmd = "pkill"
  95. args = [
  96. "-F", "{{ env.TACD_PID_ROOT | default('/run') }}/tacd_{{ identifier }}.pid",
  97. ]
  98. allow_failure = true
  100. [[hook]]
  101. name = "tls-alpn-01-tacd-rm"
  102. type = ["challenge-tls-alpn-01-clean"]
  103. cmd = "rm"
  104. args = [
  105. "-f", "{{ env.TACD_PID_ROOT | default('/run') }}/tacd_{{ identifier }}.pid",
  106. ]
  107. allow_failure = true
  109. [[group]]
  110. name = "tls-alpn-01-tacd-tcp"
  111. hooks = ["tls-alpn-01-tacd-start-tcp", "tls-alpn-01-tacd-kill", "tls-alpn-01-tacd-rm"]
  113. [[group]]
  114. name = "tls-alpn-01-tacd-unix"
  115. hooks = ["tls-alpn-01-tacd-start-unix", "tls-alpn-01-tacd-kill", "tls-alpn-01-tacd-rm"]
  118. #
  119. # Git storage hook
  120. #
  122. [[hook]]
  123. name = "git-init"
  124. type = ["file-pre-create", "file-pre-edit"]
  125. cmd = "git"
  126. args = [
  127. "init",
  128. "{{ file_directory }}"
  129. ]
  131. [[hook]]
  132. name = "git-add"
  133. type = ["file-post-create", "file-post-edit"]
  134. cmd = "git"
  135. args = [
  136. "-C", "{{ file_directory }}",
  137. "add", "{{ file_name }}"
  138. ]
  139. allow_failure = true
  141. [[hook]]
  142. name = "git-commit"
  143. type = ["file-post-create", "file-post-edit"]
  144. cmd = "git"
  145. args = [
  146. "-C", "{{ file_directory }}",
  147. "-c", "user.name='{{ env.GIT_USERNAME | default('ACMEd') }}'",
  148. "-c", "user.email='{{ env.GIT_EMAIL | default('acmed@localhost') }}'",
  149. "commit",
  150. "-m", "{{ file_name }}",
  151. "--only", "{{ file_name }}"
  152. ]
  153. allow_failure = true
  155. [[group]]
  156. name = "git"
  157. hooks = ["git-init", "git-add", "git-commit"]