| Age | Commit message (Collapse) | Author |
|---|
|
I use letsencrypt's nonprod server when testing renewals - especially when
setting up new domains.
I used to have two lines in the config file - one for prod and one for nonprod,
only one of which would be uncommented at any given time.
However, especially since I started running the script via a cron job, there
was a risk that I would forget to change it back.
The end goal is to control the environment via a flag to the renew-all script.
As a first step towards this, hardcode the environment as prod here.
|
|
When I still had a domain for motoristic, I had separate emails and tokens for
it, the idea being that I could hand it over to someone else more easily.
However, I deleted the motoristic server some time ago, and since then, all
servers have used the same email and token. Therefore, retrieve this info from
the common config section instead of the domain-specific section.
|
|
The config file gets installed to here in reality. I could introduce some
config, for example overwriting this during the build process, I think that
would be overkill.
|
|
Different domains are managed by different identities both in deSEC and
letsencrypt. Therefore, we should store these per domain, instead of globally.
|
|
This commit adds the initial structure / scaffolding on which the rest of the
project can be built.
The idea is to have an entry point written in python, which parses a toml file
which contains information about each domain, and general configuration of the
lego tool which will actually renew the certificates. Each domain has an
additional post-renew script, the path to which is given in the config file,
which is used to install the new certificates onto the remote hosts if
necessary.
|
