mirror of
https://github.com/nginx-proxy/docker-letsencrypt-nginx-proxy-companion
synced 2024-11-26 08:53:52 +01:00
build: acme.sh 2.9.0 -> 3.0.7
This commit is contained in:
parent
06a5f5e06c
commit
0f3a1fb72e
@ -3,7 +3,7 @@ FROM nginxproxy/docker-gen:0.11.0 AS docker-gen
|
|||||||
FROM alpine:3.19.0
|
FROM alpine:3.19.0
|
||||||
|
|
||||||
ARG GIT_DESCRIBE
|
ARG GIT_DESCRIBE
|
||||||
ARG ACMESH_VERSION=2.9.0
|
ARG ACMESH_VERSION=3.0.7
|
||||||
|
|
||||||
ENV COMPANION_VERSION=$GIT_DESCRIBE \
|
ENV COMPANION_VERSION=$GIT_DESCRIBE \
|
||||||
DOCKER_HOST=unix:///var/run/docker.sock \
|
DOCKER_HOST=unix:///var/run/docker.sock \
|
||||||
|
@ -198,9 +198,12 @@ function update_cert {
|
|||||||
|
|
||||||
# Set relevant --server parameter and ca folder name
|
# Set relevant --server parameter and ca folder name
|
||||||
params_base_arr+=(--server "$acme_ca_uri")
|
params_base_arr+=(--server "$acme_ca_uri")
|
||||||
local ca_dir="${acme_ca_uri##*://}" \
|
|
||||||
&& ca_dir="${ca_dir%%/*}" \
|
# Reproduce acme.sh logic to determine the ca account folder path
|
||||||
&& ca_dir="${ca_dir%%:*}"
|
local ca_host_dir
|
||||||
|
ca_host_dir="$(echo "$acme_ca_uri" | cut -d : -f 2 | tr -s / | cut -d / -f 2)"
|
||||||
|
local ca_path_dir
|
||||||
|
ca_path_dir="$(echo "$acme_ca_uri" | cut -d : -f 2- | tr -s / | cut -d / -f 3-)"
|
||||||
|
|
||||||
local certificate_dir
|
local certificate_dir
|
||||||
# If we're going to use one of LE stating endpoints ...
|
# If we're going to use one of LE stating endpoints ...
|
||||||
@ -223,7 +226,7 @@ function update_cert {
|
|||||||
|
|
||||||
[[ ! -d "$config_home" ]] && mkdir -p "$config_home"
|
[[ ! -d "$config_home" ]] && mkdir -p "$config_home"
|
||||||
params_base_arr+=(--config-home "$config_home")
|
params_base_arr+=(--config-home "$config_home")
|
||||||
local account_file="${config_home}/ca/${ca_dir}/account.json"
|
local account_file="${config_home}/ca/${ca_host_dir}/${ca_path_dir}/account.json"
|
||||||
|
|
||||||
# External Account Binding (EAB)
|
# External Account Binding (EAB)
|
||||||
local -n eab_kid="ACME_${cid}_EAB_KID"
|
local -n eab_kid="ACME_${cid}_EAB_KID"
|
||||||
|
@ -7,7 +7,7 @@ apk --no-cache --virtual .acmesh-deps add git
|
|||||||
|
|
||||||
# Get acme.sh ACME client source
|
# Get acme.sh ACME client source
|
||||||
mkdir /src
|
mkdir /src
|
||||||
git -C /src clone https://github.com/Neilpang/acme.sh.git
|
git -C /src clone https://github.com/acmesh-official/acme.sh.git
|
||||||
cd /src/acme.sh
|
cd /src/acme.sh
|
||||||
if [[ "$ACMESH_VERSION" != "master" ]]; then
|
if [[ "$ACMESH_VERSION" != "master" ]]; then
|
||||||
git -c advice.detachedHead=false checkout "$ACMESH_VERSION"
|
git -c advice.detachedHead=false checkout "$ACMESH_VERSION"
|
||||||
|
@ -31,8 +31,21 @@ run_nginx_container --hosts "${domains[0]}"
|
|||||||
# Wait for a symlink at /etc/nginx/certs/${domains[0]}.crt
|
# Wait for a symlink at /etc/nginx/certs/${domains[0]}.crt
|
||||||
wait_for_symlink "${domains[0]}" "$le_container_name"
|
wait_for_symlink "${domains[0]}" "$le_container_name"
|
||||||
|
|
||||||
|
# Hard set the account dir based on the test ACME CA used.
|
||||||
|
case $ACME_CA in
|
||||||
|
pebble)
|
||||||
|
account_dir="pebble/dir"
|
||||||
|
;;
|
||||||
|
boulder)
|
||||||
|
account_dir="boulder/directory"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "$0 $ACME_CA: invalid option."
|
||||||
|
exit 1
|
||||||
|
esac
|
||||||
|
|
||||||
# Test if the expected folder / file / content are there.
|
# Test if the expected folder / file / content are there.
|
||||||
json_file="/etc/acme.sh/default/ca/$ACME_CA/account.json"
|
json_file="/etc/acme.sh/default/ca/$account_dir/account.json"
|
||||||
if [[ "$ACME_CA" == 'boulder' ]]; then
|
if [[ "$ACME_CA" == 'boulder' ]]; then
|
||||||
no_mail_str='[]'
|
no_mail_str='[]'
|
||||||
elif [[ "$ACME_CA" == 'pebble' ]]; then
|
elif [[ "$ACME_CA" == 'pebble' ]]; then
|
||||||
@ -64,7 +77,7 @@ run_nginx_container --hosts "${domains[1]}"
|
|||||||
wait_for_symlink "${domains[1]}" "$le_container_name"
|
wait_for_symlink "${domains[1]}" "$le_container_name"
|
||||||
|
|
||||||
# Test if the expected folder / file / content are there.
|
# Test if the expected folder / file / content are there.
|
||||||
json_file="/etc/acme.sh/${default_email}/ca/$ACME_CA/account.json"
|
json_file="/etc/acme.sh/${default_email}/ca/$account_dir/account.json"
|
||||||
if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$default_email" ]]; then
|
if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$default_email" ]]; then
|
||||||
echo "The /etc/acme.sh/$default_email folder does not exist."
|
echo "The /etc/acme.sh/$default_email folder does not exist."
|
||||||
elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
||||||
@ -82,7 +95,7 @@ run_nginx_container --hosts "${domains[2]}" --cli-args "--env LETSENCRYPT_EMAIL=
|
|||||||
wait_for_symlink "${domains[2]}" "$le_container_name"
|
wait_for_symlink "${domains[2]}" "$le_container_name"
|
||||||
|
|
||||||
# Test if the expected folder / file / content are there.
|
# Test if the expected folder / file / content are there.
|
||||||
json_file="/etc/acme.sh/${container_email}/ca/$ACME_CA/account.json"
|
json_file="/etc/acme.sh/${container_email}/ca/$account_dir/account.json"
|
||||||
if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$container_email" ]]; then
|
if docker exec "$le_container_name" [[ ! -d "/etc/acme.sh/$container_email" ]]; then
|
||||||
echo "The /etc/acme.sh/$container_email folder does not exist."
|
echo "The /etc/acme.sh/$container_email folder does not exist."
|
||||||
elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
elif docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
||||||
|
@ -46,7 +46,7 @@ run_nginx_container --hosts "${domains[1]}" \
|
|||||||
wait_for_symlink "${domains[0]}" "$le_container_name"
|
wait_for_symlink "${domains[0]}" "$le_container_name"
|
||||||
|
|
||||||
# Test if the expected file is there.
|
# Test if the expected file is there.
|
||||||
config_path="/etc/acme.sh/default/ca/$ACME_CA"
|
config_path="/etc/acme.sh/default/ca/$ACME_CA/dir"
|
||||||
json_file="${config_path}/account.json"
|
json_file="${config_path}/account.json"
|
||||||
conf_file="${config_path}/ca.conf"
|
conf_file="${config_path}/ca.conf"
|
||||||
if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
||||||
@ -59,7 +59,7 @@ fi
|
|||||||
wait_for_symlink "${domains[1]}" "$le_container_name"
|
wait_for_symlink "${domains[1]}" "$le_container_name"
|
||||||
|
|
||||||
# Test if the expected file is there.
|
# Test if the expected file is there.
|
||||||
config_path="/etc/acme.sh/${container_email}/ca/$ACME_CA"
|
config_path="/etc/acme.sh/${container_email}/ca/$ACME_CA/dir"
|
||||||
json_file="${config_path}/account.json"
|
json_file="${config_path}/account.json"
|
||||||
conf_file="${config_path}/ca.conf"
|
conf_file="${config_path}/ca.conf"
|
||||||
if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
if docker exec "$le_container_name" [[ ! -f "$json_file" ]]; then
|
||||||
|
Loading…
Reference in New Issue
Block a user