110 Commits

Author	SHA1	Message	Date
Nicolas Duchon	8c27be14b6	fix: reload nginx on each created or renewed cert	2024-11-23 11:49:53 +01:00
Nicolas Duchon	c0de80f031	feat: global & per container acme.sh DNS API config	2024-07-16 23:33:20 +02:00
Nicolas Duchon	1c9c0db730	refactor: DNS-01 variables are scoped to the function	2024-07-16 14:17:50 +02:00
Nicolas Duchon	b356f51ebc	fix: add standlone config for HTTP-01 challenge only	2024-07-16 13:47:43 +02:00
Nicolas Duchon	124b6c034c	refactor: remove support for global ACME_CHALLENGE	2024-07-16 13:47:16 +02:00
Nicolas Duchon	9772acc57d	feat: wildcard certificates support ... Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com> Co-authored-by: Gilles Filippini <pini@debian.org>	2024-07-16 09:53:50 +02:00
Nicolas Duchon	48b40d401f	feat: support for DNS-01 challenge w/ acme.sh DNS API ... Co-authored-by: Nicolas Duchon <nicolas.duchon@gmail.com> Co-authored-by: David Michaluk <d@michal.uk>	2024-07-16 00:34:56 +02:00
Nicolas Duchon	7178f0790b	style: linting	2024-07-15 22:47:29 +02:00
Nicolas Duchon	c66cedaf97	feat: disable location configuration by default	2024-05-30 22:58:08 +02:00
Nicolas Duchon	6a5fca4124	build: use custom user agent string	2024-01-16 07:49:08 +01:00
Nicolas Duchon	0f3a1fb72e	build: acme.sh 2.9.0 -> 3.0.7	2024-01-14 14:49:05 +01:00
Nicolas Duchon	945c7f3d20	fix: do not remove default cert symlink	2023-12-15 13:33:31 +01:00
Nicolas Duchon	a16a97fe11	fix: restrict private key permissions (#1016) ... * fix: restrict private file permissions by default * fix: check perms of /etc/acme.sh private keys * fix: typo	2023-03-27 19:03:21 +02:00
Nicolas Duchon	87c27d22a6	feat: use EAB if available no matter the ACME CI (#981) ... * ci: setup Pebble with docker-compose + .env file * refactor: move acme.sh hooks further down the file * feat: user EAB with other CAs than Zero SSL * tests: ACME External Account Binding (EAB) * ci: add local Pebble EAB testing	2022-12-06 12:28:48 +01:00
Nicolas Duchon	68005e6938	Revert "fix: register ACME account with EAB first (#976)" ... This reverts commit 77cc9d5241cf711d607d6ba42b2d383e1a28bc10.	2022-12-03 22:15:40 +01:00
Jeroen	77cc9d5241	fix: register ACME account with EAB first (#976) ... * check EAB_KID and HMAC_KEY before registering the ACME account using the provided email. * Update letsencrypt_service copy/past error Co-authored-by: root <root@jump20dst.int.cvovolt.be>	2022-12-03 20:50:23 +01:00
Nicolas Duchon	b9e7d59bed	feat: per-container Pre-Hooks and Post-Hooks	2022-03-02 18:46:15 +01:00
TreeN0de	9da38f37b4	feat: acme.sh pre and post hooks	2022-02-25 19:07:22 +01:00
Nicolas Duchon	8fdd196d4f	fix: trim whitespaces from per-container env vars	2021-12-12 19:41:24 +01:00
Nicolas Duchon	e9abac8b12	chore: project name change	2021-04-05 00:27:52 +02:00
Danil Smirnov	42ddbcb580	Renaming and adding documentation	2020-12-29 15:09:03 +02:00
Danil Smirnov	b47755b875	Making time to wait configurable	2020-12-29 13:13:45 +02:00
Nicolas Duchon	c610b59006	Add CA_BUNDLE environment variable ... Allows acme.sh to use an alternative trusted root CA	2020-12-28 11:31:01 +01:00
Nicolas Duchon	be654b5d27	Add OCSP Must-Staple extension feature (#740)	2020-12-25 18:23:33 +01:00
Nicolas Duchon	1752a420fa	Merge pull request #727 from buchdag/ci-fix ... Fix LETSENCRYPT_KEYSIZE feature and tests	2020-12-08 23:58:58 +01:00
Benoit Garret	5f0bde1be4	Allow ZEROSSL_API_KEY on the letsencrypt container	2020-12-07 21:57:50 +01:00
Nicolas Duchon	6bfdd87109	Fix private keys types	2020-12-07 21:10:14 +01:00
Nicolas Duchon	3d0cd89668	Remove array variable indirection hack ... Replaced by declare -n builtin of Bash 4.3	2020-12-07 00:56:09 +01:00
Nicolas Duchon	1966e52a61	Support for preferred chain	2020-11-29 02:55:11 +01:00
Nicolas Duchon	e9aa88f091	Add support for Zero SSL API key	2020-11-27 14:47:28 +01:00
Nicolas Duchon	f8a24a6dff	Use acme.sh maximum debug level	2020-11-27 14:46:48 +01:00
Nicolas Duchon	d36dea9dda	More robust ACME account registration	2020-11-27 14:46:48 +01:00
Nicolas Duchon	5778216fad	Rename LETSENCRYPT_ACME_CA_URI > ACME_CA_URI	2020-11-27 14:46:48 +01:00
Nicolas Duchon	83aa3c9fda	Support for Zero SSL	2020-11-27 14:46:47 +01:00
Nicolas Duchon	a90c82a1a7	Add support for elliptic curve 512 bits keys	2020-11-27 14:46:47 +01:00
Nicolas Duchon	8052f04b07	Store and use image version based on git describe	2020-11-27 14:46:47 +01:00
Nicolas Duchon	54e73a994b	Backward compatibility with REUSE_PRIVATE_KEYS	2020-11-27 14:46:46 +01:00
Nicolas Duchon	14a019fedb	Fix private key reuse	2020-11-27 14:46:46 +01:00
Nicolas Duchon	e2d05afa25	Better debugging of acme.sh call parameters	2020-11-27 14:46:46 +01:00
Nicolas Duchon	fde553364c	Use acme.sh --register-account in the service loop	2020-11-27 14:46:45 +01:00
Gilles Filippini	195b19d221	Use email-less staging conf for test certificates	2020-11-27 14:46:45 +01:00
Nicolas Duchon	aa62af0052	Code styling	2020-11-27 14:46:45 +01:00
Gilles Filippini	3b1e1ba851	Enable proxied containers ACME email override	2020-11-27 14:46:44 +01:00
Gilles Filippini	3b6d87e8c2	Use default config for empty DEFAULT_EMAIL only	2020-11-27 14:46:44 +01:00
Nicolas Duchon	7cf0a52bce	Refactor update_certs() into two functions	2020-11-27 14:46:44 +01:00
Gilles Filippini	f66c1d55bf	Links should be created on RENEW_SKIP as well	2020-11-27 14:46:43 +01:00
Nicolas Duchon	c821d809f6	Change ACME client to acme.sh	2020-11-27 14:44:01 +01:00
Nicolas Duchon	96c9cbf821	Revert "Merge pull request #485 from Greek64/PR" ... This feature is not supported in this form by acme.sh This reverts commit 7dd2cd67e5edc6684463f9120bac2a088ad887cf, reversing changes made to 6a90d53c975a8d44539d6e9e8737c70150354aca.	2020-11-27 14:44:01 +01:00
Nicolas Duchon	8a936cc4fe	Add standalone certificate feature ... Standalone certificates are generated from a static user provided configuration file rather than from the dynamicaly generated (from running containers environment variables) letsencrypt_service_data file.	2020-05-10 19:35:59 +02:00
Nicolas Duchon	e49c2d5213	Shellcheck linting (#641)	2020-03-23 08:20:46 +01:00