129 Commits

Author SHA1 Message Date
0cac45df2e
renew: allow only one retry after 600 seconds
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2025-02-03 22:41:22 +01:00
06a21b98e7
config: create user and fix UID on the host
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2025-02-03 22:41:21 +01:00
6f4a87fd2d
config: rename install tasks file to config
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2025-01-21 23:23:39 +01:00
a4184eeb3b
renew: remove unnecessary chmod from wrapper
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2025-01-21 23:23:37 +01:00
07fe3f0749
renew: add variable for optional --debug flag
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2025-01-21 23:23:36 +01:00
Alexis Pentori
dfd0bce4e5
certbot: update certificate ownership
Signed-off-by: Alexis Pentori <alexis@status.im>
2024-07-29 12:09:07 +02:00
f6b318df0a
upgrade from 1.32.2 to 2.11.0
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-07-22 18:14:09 +02:00
17986a8090
create: ignore stop/start errors
Service might not yet exist.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-03-18 18:37:10 +01:00
fdf310513b
service: set explicit certificate name
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-03-15 14:20:13 +01:00
bc267bf8c0
service: add --expand to allow adding SANs
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-03-15 14:14:14 +01:00
69c9e368ba
meta: use full names of Ansible roles
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-03-15 14:14:09 +01:00
f7e9ad90f6
create: add missing stopping of containers
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-03-15 14:06:17 +01:00
c7a5afe6a7
renew: enable 3 retries and use direct restart mode
This allows for ExecStopPost to run even after failure.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2024-01-02 14:25:20 +01:00
Anton Iakimov
41e768fe2e
set the list of services to stop to empty list
If certbot is run in the container - nginx is not required.
2023-10-10 12:00:07 +02:00
aa7daf1fe1
fix permissions on logs and etc folders
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-04-12 14:35:58 +02:00
cf44a33b3e
allow specifying container user UID, provide paths
Necessary to match permissions of coTURN server:
https://github.com/status-im/infra-logos-office/issues/9

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-01-17 16:25:39 +01:00
ebfdd5e25a
upgrade container from 1.29.0 to 1.32.2
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2023-01-16 17:56:34 +01:00
a0f3dc76f2
upgrade from 1.25.0 to 1.29.0
https://github.com/certbot/certbot/releases/tag/v1.29.0

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-22 16:02:18 +02:00
e032a64f88
use ExecStartPre and ExecStartPost to manage services
Using `trap` in the script wasn't working that well.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-08-08 09:57:59 +02:00
0495746122
certbot.sh: drop set -e to avoid fake failures
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-07-27 22:13:58 +02:00
4dc296d6b8
upgrade Docker image to 1.25.0
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-03-31 16:34:36 +02:00
4b93ca8104
increase timer timeout to 10 minutes
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-12-20 17:55:16 +01:00
ba9d44e145
lower renewal frequency to weekly
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-27 09:38:44 +02:00
efef177d8e
handle stopping docker containers too, use trap
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-27 09:25:00 +02:00
f4b18b85ec
stop services like nginx before renewing certificate
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-07-27 09:16:23 +02:00
9eb5685b98
support running certbot via docker container
Useful so other containers can access the certificates when running
with UID remapping.

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-13 17:02:20 +02:00
3d76806282
refactor to drop non-ubuntu OSes, use systemd timer
Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-05-13 13:14:58 +02:00
Jeff Geerling
fdba1c4352
Merge pull request #142 from geerlingguy/134-snap-install-method
Issue #134: Snap install method.
4.0.0
2021-03-31 11:47:24 -05:00
Jeff Geerling
3c05ff5029 Use bools I guess. 2021-03-31 11:39:22 -05:00
Jeff Geerling
25a661157e Allow failure on snap-based install since containerization makes that hard to test. 2021-03-31 11:25:12 -05:00
Jeff Geerling
e93e175a7e Remove ansible-lint from roles. 2021-03-15 09:26:56 -05:00
Jeff Geerling
e10cfdaedb Make ansible-lint work again. 2021-02-22 16:12:59 -06:00
Jeff Geerling
e34a21f0eb Set certbot_script variable for snap-based install. 2021-02-21 09:03:18 -06:00
Jeff Geerling
4f22d025cd Slight tweak, but it still won't work. 2021-01-19 12:07:46 -06:00
Jeff Geerling
ea88bfa03c Attempt to get snap based install working correctly. 2021-01-19 11:56:58 -06:00
Jeff Geerling
56ba6ad847 Fix syntax error with file module usage. 2021-01-19 11:02:58 -06:00
Jeff Geerling
0ba7078e8c Issue #134: Snap install method. 2021-01-19 10:54:42 -06:00
Jeff Geerling
b96acd79ec Fix a deprecation warning in the Molecule playbook. 2020-12-27 00:17:01 -06:00
Jeff Geerling
9090d7d431
Merge pull request #127 from wzzrd/patch-1
Only enable PowerTools on CentOS
2020-12-27 00:05:59 -06:00
Jeff Geerling
7c66dc3eed
Merge pull request #137 from GuillaumeRemyCSI/patch-1
Fixed issue with PowerTools DNF module
2020-12-27 00:05:52 -06:00
GuillaumeRemyCSI
51ff0b14a3
Fixed issue with PowerTools DNF module
PowerTools has been renamed to powertools on CentOS 8
2020-12-18 15:38:56 +01:00
Jeff Geerling
8006878db7 Drop support for RedHat / CentOS 6. 2020-12-08 17:03:31 -06:00
Jeff Geerling
eb5f51182b Drop CentOS 6 testing. 2020-12-08 16:55:18 -06:00
Jeff Geerling
fe1716eced Fix GitHub Actions workflow syntax for CI. 2020-11-05 09:26:10 -06:00
Jeff Geerling
3624a21c45 Dump Travis CI and move to GitHub Actions. 2020-11-05 09:22:58 -06:00
Jeff Geerling
2bca213421 Switch to travis-ci.com. 2020-10-26 20:08:42 -05:00
Jeff Geerling
f5bbfd2ec7 Make sure docker driver is installed with molecule. 2020-10-15 17:02:21 -05:00
Maxim Burgerhout
a9609e1da6
Only enable PowerTools on CentOS
The PowerTools repo exists only on CentOS, but the current selector ansible_os_family == 'RedHat' also evaluates to true on Fedora and RHEL, making this role fail.

This patch switches the when statement to only evaluate to true if really running on CentOS, which I think was the intention
2020-09-30 08:52:43 +02:00
Jeff Geerling
5ac9b8da7c Ignore the tyranny of ansible-lint rule 106. 2020-08-20 19:19:27 -05:00
Jeff Geerling
50f9134287 Upgrade Travis CI docker version to fix Molecule tests. 2020-08-12 14:52:29 -05:00