Commit 059c2550 authored by Praveen Arimbrathodiyil's avatar Praveen Arimbrathodiyil
Browse files

ask letsencrypt update email

parent f221ad9a
......@@ -18,6 +18,9 @@ set -e
db_set diaspora-common/url "$SERVERNAME"
db_set diaspora-common/ssl "${diaspora_https:-true}"
db_set diaspora-common/letsencrypt "${diaspora_letsencrypt:-false}"
if [ -n "$diaspora_letsencrypt_email" ]; then
db_set diaspora-common/letsencrypt_email "${diaspora_letsencrypt_email}"
fi
fi
# What is your pod address?
......@@ -36,6 +39,14 @@ if command -v letsencrypt >/dev/null; then
then
db_input high diaspora-common/letsencrypt || true
db_go
db_get diaspora-common/letsencrypt
diaspora_letsencrypt=$RET
if [ "$diaspora_letsencrypt" = "true" ]; then
# Get email for letsencrypt updates
db_input high diaspora-common/letsencrypt_email || true
db_go
fi
fi
fi
......
......@@ -73,6 +73,8 @@ case "$1" in
fi
db_get diaspora-common/letsencrypt
diaspora_letsencrypt=$RET
db_get diaspora-common/letsencrypt_email
diaspora_letsencrypt_email=$RET
# If the admin deleted or commented some variables but then set
# them via debconf, (re-)add them to the conffile.
......@@ -82,9 +84,12 @@ case "$1" in
echo "diaspora_https=" >> ${diaspora_conf_private}
test -z "$diaspora_letsencrypt" || grep -Eq '^ *diaspora_letsencrypt=' ${diaspora_conf_private} || \
echo "diaspora_letsencrypt=" >> ${diaspora_conf_private}
test -z "$diaspora_letsencrypt_email" || grep -Eq '^ *diaspora_letsencrypt_email=' ${diaspora_conf_private} || \
echo "diaspora_letsencrypt_email=" >> ${diaspora_conf_private}
sed -e "s/^ *SERVERNAME=.*/SERVERNAME=\"$SERVERNAME\"/" \
-e "s/^ *diaspora_https=.*/diaspora_https=\"$diaspora_https\"/" \
-e "s/^ *diaspora_letsencrypt=.*/diaspora_letsencrypt=\"$diaspora_letsencrypt\"/" \
-e "s/^ *diaspora_letsencrypt_email=.*/diaspora_letsencrypt_email=\"$diaspora_letsencrypt_email\"/" \
< ${diaspora_conf_private} > ${diaspora_conf_private}.tmp
mv -f ${diaspora_conf_private}.tmp ${diaspora_conf_private}
......@@ -120,10 +125,11 @@ case "$1" in
echo "Stopping nginx for letsencrypt..."
invoke-rc.d nginx stop
fi
letsencrypt --standalone -d ${SERVERNAME} certonly || {
LETSENCRYPT_CMD="letsencrypt --standalone --agree-tos -m $diaspora_letsencrypt_email -d ${SERVERNAME} certonly"
$LETSENCRYPT_CMD || {
echo "letsencrypt auto configuration failed..."
echo "Stop your webserver and try running letsencrypt manually..."
echo "letsencrypt -d ${SERVERNAME} certonly"
echo "$LETSENCRYPT_CMD"
}
fi
fi
......
......@@ -59,7 +59,13 @@ _Description: Use Let's Encrypt?
.
Note: letsencrypt does not have a usable nginx plugin currently, so
certificates must be renewed manually after 3 months, when current
letsencrypt certificate expire.
letsencrypt certificate expire. If you choose yes here, you will also be
agreeing to letsencrypt terms of service.
Template: diaspora-common/letsencrypt_email
Type: string
_Description: Email address for letsencrypt updates:
Please provide a valid email address for letsencrypt updates.
Template: diaspora-common/dbbackup
Type: note
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment