-.cache
-.ccache
-.config
.lesshst
-.local
cert/
etc/
log/
-req/
tmp/
webroot/
+++ /dev/null
-[submodule "letsencrypt"]
- path = letsencrypt
- url = https://github.com/letsencrypt/letsencrypt/
+++ /dev/null
-#! /bin/sh
-set -e
-prog=$(readlink -e "$0")
-. "${prog%/*}/../config.sh"
-. "$home/lib/lib.sh"
-
-run_as_user "$@"
-prepare_tmp le-user
-make_le_conf
-
-exec $home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" "$@"
prepare_tmp $tag
-## Get started.
+## Let's go.
cert=$home/cert/$tag
cd $cert
-openssl req -in req -out $tmp/req.der -outform der
-sans=$(openssl req -in req -text -noout |
- sed -n '
- x
- /^ *X509v3 Subject Alternative Name: $/ {
- x
- s/ *DNS://g
- s/,/ /g
- p
- x
- }')
-make_le_conf $sans
-
-cd $tmp
-$home/letsencrypt/letsencrypt-auto -c "$tmp/le.conf" --text \
- -a webroot --csr $tmp/req.der certonly
-
-cd $cert
-cat $tmp/0001_chain.pem $home/le-root.cert >full-chain.new
+dehydrated -f $HOME/dehydrated-config.sh -fc -s req >full-chain.new
mv full-chain.new full-chain
chown $u:$g $d
done <<EOF
. 755 root root
-.cache 2775 root $user
-.config 2775 root $user
-.local 2775 root $user
cert 2755 root $user
etc 2770 root $user
-log 2775 root $user
tmp 2770 root $user
webroot 755 root root
webroot/.well-known 755 root root
+++ /dev/null
-#! /bin/sh
-exec "$@"
--- /dev/null
+### -*-sh-*-
+
+BASEDIR=$HOME
+CHALLENGETYPE=http-01
+WELLKNOWN=$BASEDIR/webroot/.well-known/acme-challenge
+PRIVATE_KEY_RENEW=no
+ACCOUNTDIR=$BASEDIR/etc/account
+LOCKFILE=$BASEDIR/etc/lock
+
+##CA="https://acme-staging.api.letsencrypt.org/directory"
+++ /dev/null
------BEGIN CERTIFICATE-----
-MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
-MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
-DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
-PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
-Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
-rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
-OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
-xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
-7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
-aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
-SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
-ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
-AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
-R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
-JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
-Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
------END CERTIFICATE-----
+++ /dev/null
-### -*-conf-*-
-
-email = mdw@distorted.org.uk
+++ /dev/null
-Subproject commit ce14851232c39aa1151ecd9c7b77ef910059d46c
mkdir $tmp
trap 'cd $home; rm -rf $tmp' EXIT INT TERM
}
-
-make_le_conf () {
- { cat $home/le.conf.skel
- echo "config-dir = $home/etc"
- echo "logs-dir = $home/log"
- echo "work-dir = $tmp"
- echo
- case $# in
- 0) ;;
- *)
- map="webroot-map = {" sep=" "
- for san in "$@"; do
- map="$map$sep\"$san\": \"$home/webroot\"" sep=", "
- done
- map="$map }"
- echo "$map"
- ;;
- esac
- } >$tmp/le.conf
-}
\ No newline at end of file