Update to fetch cert twice to allow easier renewal. #4

Merged
dracos merged 1 commits from fetch-cert-twice into master 2018-08-23 22:45:42 +00:00
dracos commented 2018-08-23 20:25:38 +00:00 (Migrated from github.com)

This matches the production docs. I have tested this and it seems to work; it means you don't have to stop nginx daily to potentially perform the renewal.

This matches the production docs. I have tested this and it seems to work; it means you don't have to stop nginx daily to potentially perform the renewal.
dracos (Migrated from github.com) reviewed 2018-08-23 21:55:21 +00:00
dracos (Migrated from github.com) commented 2018-08-23 21:55:20 +00:00

Sorry, I see this one currently depends upon my local domain PR #3. Can rework to not have that if #3 isn't wanted but this is.

Sorry, I see this one currently depends upon my local domain PR #3. Can rework to not have that if #3 isn't wanted but this is.
packetbiral (Migrated from github.com) reviewed 2018-08-23 21:55:54 +00:00
packetbiral (Migrated from github.com) commented 2018-08-23 21:55:54 +00:00

I just merged #3 so this one is fine as well!

I just merged #3 so this one is fine as well!
packetbiral commented 2018-08-23 22:07:13 +00:00 (Migrated from github.com)

One issue, certbot is not a package available in standard repos in Ubuntu 16.04, I believe the package is called letsencrypt.

root@demonreach:~# apt install certbot Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package certbot

One issue, certbot is not a package available in standard repos in Ubuntu 16.04, I believe the package is called letsencrypt. `root@demonreach:~# apt install certbot Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package certbot`
dracos commented 2018-08-23 22:27:05 +00:00 (Migrated from github.com)

Ah I assumed the version in xenial was too old: https://launchpad.net/ubuntu/+source/python-letsencrypt/+bugs
Reading again it looks like it might still be okay for initial, but I think renewal might be broken, see e.g. https://bugs.launchpad.net/ubuntu/xenial/+source/python-letsencrypt/+bug/1640978

But as bionic/stretch both still have 'letsencrypt' as a dummy package, could move to that if you like, sure.

Or looks like there's a PPA for xenial: https://certbot.eff.org/lets-encrypt/ubuntuxenial-other

Ah I assumed the version in xenial was too old: https://launchpad.net/ubuntu/+source/python-letsencrypt/+bugs Reading again it looks like it might still be okay for initial, but I think renewal might be broken, see e.g. https://bugs.launchpad.net/ubuntu/xenial/+source/python-letsencrypt/+bug/1640978 But as bionic/stretch both still have 'letsencrypt' as a dummy package, could move to that if you like, sure. Or looks like there's a PPA for xenial: https://certbot.eff.org/lets-encrypt/ubuntuxenial-other
packetbiral commented 2018-08-23 22:39:00 +00:00 (Migrated from github.com)

Let's keep it 'letsencrypt', I'd like to keep use of external repositories/PPAs to a minimum where possible.

Let's keep it 'letsencrypt', I'd like to keep use of external repositories/PPAs to a minimum where possible.
dracos commented 2018-08-23 22:43:14 +00:00 (Migrated from github.com)

Updated.

Updated.
packetbiral commented 2018-08-23 22:45:37 +00:00 (Migrated from github.com)

Thanks, looks good to me, merging.

Thanks, looks good to me, merging.
Sign in to join this conversation.
No reviewers
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: packetcat/mastible#4
No description provided.