acme - Tiny wrapper around Lego to handle automatic cert renewal.

Age	Commit message (Collapse)	Author
2025-12-29	Choose provider from the config file	Matthew Fennell
	We now have different domains managed by different DNS providers. Select the provider per-domain based on the config file.
2025-12-29	Make mythic beasts secrets available to lego	Matthew Fennell
	mercuric.uk is now using Mythic Beasts instead of deSEC for DNS, and I'll be moving the other domains shortly. As a result, I would like to be able to select between providers them in the config file. As a first step towards supporting Mythic Beasts, pass the API key ID and secret to lego. We can do this in all circumstances: it will be unused if we don't specify mythicbeasts when the command is invoked.
2025-12-29	Hardcode prod environment in acme renew script	Matthew Fennell
	I use letsencrypt's nonprod server when testing renewals - especially when setting up new domains. I used to have two lines in the config file - one for prod and one for nonprod, only one of which would be uncommented at any given time. However, especially since I started running the script via a cron job, there was a risk that I would forget to change it back. The end goal is to control the environment via a flag to the renew-all script. As a first step towards this, hardcode the environment as prod here.
2025-12-28	Get acme_email and desec_token from config section	Matthew Fennell
	When I still had a domain for motoristic, I had separate emails and tokens for it, the idea being that I could hand it over to someone else more easily. However, I deleted the motoristic server some time ago, and since then, all servers have used the same email and token. Therefore, retrieve this info from the common config section instead of the domain-specific section.
2025-12-28	Hardcode config file path under /etc/opt	Matthew Fennell
	The config file gets installed to here in reality. I could introduce some config, for example overwriting this during the build process, I think that would be overkill.
2024-05-29	Store acme and DNS details per-domain	Matthew Fennell
	Different domains are managed by different identities both in deSEC and letsencrypt. Therefore, we should store these per domain, instead of globally.
2024-02-28	Initial commit	Matthew Fennell
	This commit adds the initial structure / scaffolding on which the rest of the project can be built. The idea is to have an entry point written in python, which parses a toml file which contains information about each domain, and general configuration of the lego tool which will actually renew the certificates. Each domain has an additional post-renew script, the path to which is given in the config file, which is used to install the new certificates onto the remote hosts if necessary.