Nicolas Duchon
b048f4eeca
refactor: apply suggestions from code review
2024-07-19 08:46:27 +02:00
Nicolas Duchon
24d76fb42c
refactor: remove unused range index
2024-07-17 07:33:31 +02:00
Nicolas Duchon
c0de80f031
feat: global & per container acme.sh DNS API config
2024-07-16 23:33:20 +02:00
Nicolas Duchon
1c9c0db730
refactor: DNS-01 variables are scoped to the function
2024-07-16 14:17:50 +02:00
Nicolas Duchon
b356f51ebc
fix: add standlone config for HTTP-01 challenge only
2024-07-16 13:47:43 +02:00
Nicolas Duchon
124b6c034c
refactor: remove support for global ACME_CHALLENGE
2024-07-16 13:47:16 +02:00
Nicolas Duchon
9772acc57d
feat: wildcard certificates support
...
Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com>
Co-authored-by: Gilles Filippini <pini@debian.org>
2024-07-16 09:53:50 +02:00
Nicolas Duchon
48b40d401f
feat: support for DNS-01 challenge w/ acme.sh DNS API
...
Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com>
Co-authored-by: David Michaluk <d@michal.uk>
2024-07-16 00:34:56 +02:00
Nicolas Duchon
7178f0790b
style: linting
2024-07-15 22:47:29 +02:00
Nicolas Duchon
55cd21a50c
style: improve rendered template presentation
2024-07-15 22:47:01 +02:00
Nicolas Duchon
c66cedaf97
feat: disable location configuration by default
2024-05-30 22:58:08 +02:00
Nicolas Duchon
c99e656cec
Merge pull request #1092 from rioriost/main
...
fix: get container ID from /proc/self/mountinfo (for podman)
2024-05-04 19:53:14 +02:00
Nicolas Duchon
cf43aca15c
refactor: ensure we never grep more than one container id
2024-05-04 12:41:59 +02:00
Nicolas Duchon
624a9ec5a8
Merge pull request #1078 from nginx-proxy/1049
...
fix: handle most recently created containers first
2024-05-04 12:13:09 +02:00
Nicolas Duchon
cb693874cc
refactor: readability improvements on generated data file
2024-05-04 11:45:25 +02:00
Rio Fujita
d110a065b2
Update functions.sh
...
With cgroup v2, CID can be read from /proc/self/mountinfo
2024-01-28 11:32:37 +09:00
Nicolas Duchon
6a5fca4124
build: use custom user agent string
2024-01-16 07:49:08 +01:00
Nicolas Duchon
155535e719
Merge pull request #1087 from nginx-proxy/acme.sh-upgrade
...
build: acme.sh 2.9.0 -> 3.0.4
2024-01-15 11:01:19 +01:00
Nicolas Duchon
0f3a1fb72e
build: acme.sh 2.9.0 -> 3.0.7
2024-01-14 14:49:05 +01:00
Nicolas Duchon
83697e6cbf
fix: don't display LE certificate as erroneously expired
2023-12-25 15:43:03 +01:00
Nicolas Duchon
c190589349
fix: handle most recently created containers first
2023-12-19 16:08:58 +01:00
Nicolas Duchon
945c7f3d20
fix: do not remove default cert symlink
2023-12-15 13:33:31 +01:00
Egor Makarenko
71d8369a06
fix: prevent infinite loop in enumerate_wildcard_locations
2023-12-08 01:55:59 +01:00
Nicolas Duchon
1fc38f882b
refactor: move to correctly namespaced labels ( #1046 )
2023-08-01 21:45:39 +02:00
Nicolas Duchon
a16a97fe11
fix: restrict private key permissions ( #1016 )
...
* fix: restrict private file permissions by default
* fix: check perms of /etc/acme.sh private keys
* fix: typo
2023-03-27 19:03:21 +02:00
Nicolas Duchon
87c27d22a6
feat: use EAB if available no matter the ACME CI ( #981 )
...
* ci: setup Pebble with docker-compose + .env file
* refactor: move acme.sh hooks further down the file
* feat: user EAB with other CAs than Zero SSL
* tests: ACME External Account Binding (EAB)
* ci: add local Pebble EAB testing
2022-12-06 12:28:48 +01:00
Nicolas Duchon
68005e6938
Revert "fix: register ACME account with EAB first ( #976 )"
...
This reverts commit 77cc9d5241cf711d607d6ba42b2d383e1a28bc10.
2022-12-03 22:15:40 +01:00
Jeroen
77cc9d5241
fix: register ACME account with EAB first ( #976 )
...
* check EAB_KID and HMAC_KEY before registering the ACME account using the provided email.
* Update letsencrypt_service
copy/past error
Co-authored-by: root <root@jump20dst.int.cvovolt.be>
2022-12-03 20:50:23 +01:00
Nicolas Duchon
b9e7d59bed
feat: per-container Pre-Hooks and Post-Hooks
2022-03-02 18:46:15 +01:00
TreeN0de
9da38f37b4
feat: acme.sh pre and post hooks
2022-02-25 19:07:22 +01:00
Nicolas Duchon
44bd2fa437
Merge pull request #904 from nginx-proxy/dhparam-rfc7919
...
Use RFC 7919 DH groups + Remove DH generation
2021-12-16 03:07:08 +01:00
Nicolas Duchon
9b935a09a5
style: coherent coding style on check_dh_group
...
+ removal of an unneeded local keyword
2021-12-16 02:00:04 +01:00
Nicolas Duchon
e0aaa93eb6
refactor: better check_dh_group() logic
...
Replaces existing group if it does not match the DHPARAM_BITS key size.
2021-12-14 23:34:15 +01:00
Nicolas Duchon
67d4194fb6
feat: use pre generated RFC7919 DH groups
...
Co-authored-by: polarathene <5098581+polarathene@users.noreply.github.com>
2021-12-14 23:32:39 +01:00
Nicolas Duchon
2f7ac9708a
style: add comments to docker-gen template
2021-12-12 19:41:46 +01:00
Nicolas Duchon
8fdd196d4f
fix: trim whitespaces from per-container env vars
2021-12-12 19:41:24 +01:00
Nicolas Duchon
dddd7a5a82
fix: prevent endless loop of wildcard enumeration
2021-12-08 15:37:15 +01:00
Nicolas Duchon
e9abac8b12
chore: project name change
2021-04-05 00:27:52 +02:00
Logan Kennelly
ffffdc86bd
Fix unintentional file globbing during wildcard lookup
...
Matching globs are common because the script runs in the certs
directory.
The test uses a suffix match as the test domains don't include
subdomains, although such cases should probably be considered.
Fix the le3.wtf test. The existing add_location_configuration modifies
"default"; a second add is not necessary.
Fixes #763
2021-03-15 18:14:22 -07:00
Danil Smirnov
42ddbcb580
Renaming and adding documentation
2020-12-29 15:09:03 +02:00
Danil Smirnov
b47755b875
Making time to wait configurable
2020-12-29 13:13:45 +02:00
Nicolas Duchon
c610b59006
Add CA_BUNDLE environment variable
...
Allows acme.sh to use an alternative trusted root CA
2020-12-28 11:31:01 +01:00
Nicolas Duchon
be654b5d27
Add OCSP Must-Staple extension feature ( #740 )
2020-12-25 18:23:33 +01:00
Nicolas Duchon
1752a420fa
Merge pull request #727 from buchdag/ci-fix
...
Fix LETSENCRYPT_KEYSIZE feature and tests
2020-12-08 23:58:58 +01:00
Benoit Garret
5f0bde1be4
Allow ZEROSSL_API_KEY on the letsencrypt container
2020-12-07 21:57:50 +01:00
Nicolas Duchon
6bfdd87109
Fix private keys types
2020-12-07 21:10:14 +01:00
Nicolas Duchon
082ad32f49
Fix the private_keys test
2020-12-07 21:05:32 +01:00
Nicolas Duchon
73b7186d6d
Raise back docker-gen debounce a bit
2020-12-07 00:57:22 +01:00
Nicolas Duchon
3d0cd89668
Remove array variable indirection hack
...
Replaced by declare -n builtin of Bash 4.3
2020-12-07 00:56:09 +01:00
Nicolas Duchon
f069d50d33
Fix tests self cleanup
2020-11-29 02:55:13 +01:00