Merge branch 'hetzner-dyndns'
This commit is contained in:
Sophie Schiller
commit
3761ee6ee8
5 changed files with 118 additions and 41 deletions
|
|
@ -1,24 +1,23 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID9jCCA3ygAwIBAgISBaRtAN5dI7hI3l+MeuwXGm48MAoGCCqGSM49BAMDMDIx
|
||||
MIID1DCCA1qgAwIBAgISBTKUiIkigBvSZVQDbw9ukheIMAoGCCqGSM49BAMDMDIx
|
||||
CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJF
|
||||
NTAeFw0yNTAzMTkxNzI1NTVaFw0yNTA2MTcxNzI1NTRaMCIxIDAeBgNVBAMTF2hv
|
||||
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEMpwz
|
||||
KfaRqcoUak1UJzHRmcy1Zz/9KmlEoja94JwEO7qqARCOJedwJ/MS8Zkz3ZkJvjv5
|
||||
iIXe9u6qbn/C8RS+/UqunvnCxTJeWMcXaI2p9M+DE7PlPQiIP1t/SPQ2QsIso4IC
|
||||
YzCCAl8wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
||||
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBSspYDX4yydAiYu+8XZw/Vu7IrW
|
||||
xDAfBgNVHSMEGDAWgBSfK1/PPCFPnQS37SssxMZwi9LXDTBVBggrBgEFBQcBAQRJ
|
||||
MEcwIQYIKwYBBQUHMAGGFWh0dHA6Ly9lNS5vLmxlbmNyLm9yZzAiBggrBgEFBQcw
|
||||
AoYWaHR0cDovL2U1LmkubGVuY3Iub3JnLzA9BgNVHREENjA0ghkqLmhvbWUuc29w
|
||||
aGllcy1raXRjaGVuLmV1ghdob21lLnNvcGhpZXMta2l0Y2hlbi5ldTATBgNVHSAE
|
||||
DDAKMAgGBmeBDAECATAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8vZTUuYy5sZW5j
|
||||
ci5vcmcvNjEuY3JsMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHcATnWjJ1yaEMM4
|
||||
W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGVr6ZJYgAABAMASDBGAiEA2TRwcna6
|
||||
vp3yZSUfXjd14SFvTZtXucSMJQQERKgwDekCIQCEppv+qukiFo4SjQBMQ50ptVXC
|
||||
LMJZVy4A6VuMCmj3VQB1AOCSs/wMHcjnaDYf3mG5lk0KUngZinLWcsSwTaVtb1QE
|
||||
AAABla+mSgEAAAQDAEYwRAIgXjJYEE32AFXfqx43ZOQrgP5cGdK5znOGCSxmjcMg
|
||||
S/UCIBZNBTNVtJWGYKJQgS+bx7EbDDWobar7shNd1/jK0Kt3MAoGCCqGSM49BAMD
|
||||
A2gAMGUCMQCoQeeM5wcNWCgtjoWPqduuEP/W0M4UrBydd2tVAAE7dbYb2Batj2Gg
|
||||
qnaDMK2j/+ACMCNtwr4CWsgMAsK8HlDVM0UBvzEFOy2X+hkGzqOe0kfN+abHP0Sf
|
||||
L0aZkl5gt8NcKg==
|
||||
NjAeFw0yNTA2MjIyMDU5NThaFw0yNTA5MjAyMDU5NTdaMCIxIDAeBgNVBAMTF2hv
|
||||
bWUuc29waGllcy1raXRjaGVuLmV1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEDNnB
|
||||
CD9xIEtadMu6N0uqHoVUSWLiB+LohLkzfjIzuKSxwdvdjM7aZ+3TTQL6OhNNnzP0
|
||||
5L+XOeW5/LzPwtMR9U67IKl3BFKODr/M5UOQbarHPultrMwtKfs4xPimTaqlo4IC
|
||||
QTCCAj0wDgYDVR0PAQH/BAQDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
|
||||
BQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRjpEHtCkpi9XffO4TiCHgyaZ7e
|
||||
AjAfBgNVHSMEGDAWgBSTJ0aYA6lRaI6Y1sRCSNsjv1iU0jAyBggrBgEFBQcBAQQm
|
||||
MCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly9lNi5pLmxlbmNyLm9yZy8wPQYDVR0RBDYw
|
||||
NIIZKi5ob21lLnNvcGhpZXMta2l0Y2hlbi5ldYIXaG9tZS5zb3BoaWVzLWtpdGNo
|
||||
ZW4uZXUwEwYDVR0gBAwwCjAIBgZngQwBAgEwLAYDVR0fBCUwIzAhoB+gHYYbaHR0
|
||||
cDovL2U2LmMubGVuY3Iub3JnLzkuY3JsMIIBBgYKKwYBBAHWeQIEAgSB9wSB9ADy
|
||||
AHcA7TxL1ugGwqSiAFfbyyTiOAHfUS/txIbFcA8g3bc+P+AAAAGXmaZlsAAABAMA
|
||||
SDBGAiEA1HNklX3fn9+0ob4WqFUNLrQV1mHN+tVcUKrh1nSyUMYCIQDbIzgNbz13
|
||||
X3nMrY2dcHxFzjBnFHQoYsQgjIHkxuzDXQB3AN3cyjSV1+EWBeeVMvrHn/g9HFDf
|
||||
2wA6FBJ2Ciysu8gqAAABl5mmfWIAAAQDAEgwRgIhAJESizo9faN0c1RD7mvcd8ZT
|
||||
+RMQMdVtU4MiniBcIcwiAiEAwjR0oUcWFeZq56U5jzYyn2i0/LfhWQA1hx+19TuE
|
||||
qwMwCgYIKoZIzj0EAwMDaAAwZQIxAN6rDk9COjwXvDpGuFGbeqUaB72CtEvlXtAC
|
||||
wmjxGdQAd3LyE97muGqtBPLcCBVgPgIwKIVcSS1rJ8NYz93bOPddEn74wPM7UIEG
|
||||
0YpB1kM46bZ1aAubssBGvqiTSPDzVu0k
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1,27 +1,27 @@
|
|||
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
|
||||
MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
|
||||
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
|
||||
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
|
||||
WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
|
||||
a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
|
||||
VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
|
||||
RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
|
||||
h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
|
||||
6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
|
||||
gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
|
||||
i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
|
||||
v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
|
||||
AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
|
||||
BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
|
||||
2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
|
||||
bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
|
||||
6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
|
||||
XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
|
||||
koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
|
||||
cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
|
||||
E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
|
||||
K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
|
||||
GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
|
||||
sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
|
||||
VQD9F6Na/+zmXCc=
|
||||
Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
|
||||
MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
|
||||
pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
|
||||
eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
|
||||
pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
|
||||
s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
|
||||
h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
|
||||
YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
|
||||
ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
|
||||
LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
|
||||
EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
|
||||
Ig46v9mFmBvyH04=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
encrypt$gAAAAABn2wvcFmCiy7gpvvwJzRVNJSSxLvlld2ob9O2ivyekdR6y1_k90Q1xZhs7-ombGAIyez1D7lvuNhYQrnff5TqRa9wKbIVyqOOj4lc5qS2jJWyMl9BCr7Fu0mdW0_33Ke5nGpc3mAMjwTLCn8aw-I_I0kALuhKvZ_H31Oy0Mdjw9rau8TmeWGmJDiPMyHlg_C6s2Gvj2VKHVuGeSVg01frjlTveK-ZsJNGvKm7njCqvqGJytFeV6iHzWYyzMTk8-z_xtv-PKH82ME_IdGVv8YcgmCrXWzzA35A3YEaac7uKui1RFzqN6K5sYL1hsxU9rAyidNRd1fp0CRlpyJWgcf_ykoe2u3ManhFOdMmJdx_nrt2znNLaiQqcSHWuws7pGeSZtX72rGa5ZEBF5xeTruhRSQyjMUuBZrqi75QKyYnpmNSpgh0fDHqHUVmSQ5vInd8Tai2BWz3oqKhrkqJMIXlKQn35Jw==
|
||||
encrypt$gAAAAABoWHyMEiWt-0WotQYL4O4bCviT8YZzGhrv5Qzizf1c4THe1exOOlTB9KvjhWUdB8AU_gyzgNnmGXaghavS306OXUBeWFgMA3xlEGz5w9EiaU3djM8ddC1jFLWbm7hTwKnTrsuoee-sj-sep1oNVzr327LsO5EIrLmxqrcvXRGuST2zhHeqMjuxTpyXB-fg9ge_UTBD3W06fy9FwRzD4n1f5InkHTK6EohLMH1scKmIWG52XdZs_Cx3JvXkynfIFyiT7DbzX7YLpRTvLh_Dy3E96F5_H-kR2Uh2db4IL9EwtPGM-jN8XSOFAS14dFeiQTeYzRaGVkQY3YmzsEgxKrSpCjSbUsLNAd4_hqTgbGrlPI1tVjHCozHKiDHM5Taw9b1gxR3pOImONNDFMoV0Pzn2_wsM-GpuLp5q_FtIMb7tHoeDGjplHoshjY998Oc61jA2hhgRfPCCS4BS6EdS6i4Dl93pVQ==
|
||||
|
|
@ -69,7 +69,7 @@ nodes['sophie.vmhost'] = {
|
|||
'version': 4,
|
||||
'shares': {
|
||||
'/srv/nas': {
|
||||
'172.19.164.0/24': 'ro,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
||||
'172.19.164.0/23': 'ro,all_squash,anonuid=65534,anongid=65534,no_subtree_check',
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
|
|||
78
scripts/letsencrypt-wildcard-venv
Executable file
78
scripts/letsencrypt-wildcard-venv
Executable file
|
|
@ -0,0 +1,78 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
if [[ -z "$1" ]] || [[ "$1" == '--help' ]]
|
||||
then
|
||||
echo "Usage: $0 <wildcard-domain>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
set -e
|
||||
|
||||
domain=$1
|
||||
certalias="_.$1"
|
||||
|
||||
tmpdir=$(mktemp -d)
|
||||
echo "temp dir is $tmpdir"
|
||||
#trap 'cd /; rm -Rf "$tmpdir"' EXIT
|
||||
|
||||
export BW_REPO_PATH="${BW_REPO_PATH:-$PWD}"
|
||||
|
||||
|
||||
cd -- "$tmpdir"
|
||||
git clone https://github.com/dehydrated-io/dehydrated.git
|
||||
cd dehydrated
|
||||
git checkout "$(git describe --tags --abbrev=0)"
|
||||
|
||||
cat >config <<EOF
|
||||
BASEDIR=$tmpdir
|
||||
KEYSIZE=4096
|
||||
HOOK=$tmpdir/dehydrated/hook
|
||||
RENEW_DAYS=90
|
||||
CHALLENGETYPE=dns-01
|
||||
EOF
|
||||
|
||||
cat >hook <<"EOF"
|
||||
#!/usr/bin/env bash
|
||||
|
||||
if [[ "$1" == 'deploy_challenge' ]]
|
||||
then
|
||||
domain=$2
|
||||
token_value=$4
|
||||
|
||||
echo
|
||||
echo You must now provide this DNS record:
|
||||
echo "$(tput bold)_acme-challenge.$domain IN TXT $token_value$(tput sgr0)"
|
||||
echo
|
||||
echo "Hit ENTER once it's available."
|
||||
read
|
||||
fi
|
||||
EOF
|
||||
chmod +x hook
|
||||
|
||||
cat <<EOF
|
||||
|
||||
You will soon be asked to create several DNS records.
|
||||
$(tput bold)Please create all of them. The second one does NOT replace
|
||||
the first one.$(tput sgr0)
|
||||
|
||||
EOF
|
||||
|
||||
./dehydrated --register --accept-terms -f config
|
||||
./dehydrated -c -d "$domain" --alias "$certalias" -d "*.$domain" -f config
|
||||
|
||||
cd -- "$tmpdir"/certs/"$certalias"
|
||||
|
||||
echo
|
||||
echo Copying final files:
|
||||
echo
|
||||
bw_repo=$(${PYENV_ROOT}/versions/bw/bin/bw debug -c 'print(repo.path)')
|
||||
cd -- "$tmpdir"/certs/"$certalias"
|
||||
cp -v cert.pem "$bw_repo"/data/ssl/"$certalias".crt.pem
|
||||
cp -v chain.pem "$bw_repo"/data/ssl/"$certalias".crt_intermediate.pem
|
||||
|
||||
|
||||
echo "Encrypting private key via bw ..."
|
||||
${PYENV_ROOT}/versions/bw/bin/bw debug -c "repo.vault.encrypt_file('$tmpdir/certs/$certalias/privkey.pem', 'ssl/$certalias.key.pem.vault')"
|
||||
|
||||
echo
|
||||
echo "Certificate and key created."
|
||||
Loading…
Add table
Add a link
Reference in a new issue