FS#55869 - [hiawatha] 10.6 add letencrypt script feature

Attached to Project: Community Packages
Opened by Armand (Kewl) - Wednesday, 04 October 2017, 19:47 GMT
Last edited by Doug Newgard (Scimmia) - Saturday, 21 October 2017, 03:12 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Kyle Keen (keenerd)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:
now that the LetsEncrypt script is well integrated into Hiawatha can it be integrated in the package
The creator of Hiawatha is suggesting "/usr/share, /var/lib/ or something like that" for the location

Additional info:
* package version(s) 10.6
* config and/or log files etc. the script is in /extra/letsencrypt

This task depends upon

Closed by  Doug Newgard (Scimmia)
Saturday, 21 October 2017, 03:12 GMT
Reason for closing:  Fixed
Additional comments about closing:  hiawatha 10.7
Comment by Armand (Kewl) - Wednesday, 04 October 2017, 19:50 GMT
The letsencrypt automation script is an essential functionality for SSL TLS https websites and it is now integrated with the source tarball.
Hugo the creator of Hiawatha will continue to support the script and supports the integration
Comment by Armand (Kewl) - Friday, 06 October 2017, 16:49 GMT
"Be aware that Hiawatha's script uses a configuration file and a private key file from the same directory. I think there are two options:
1) Include Hiawatha's Let's Encrypt script as a tarball in /usr/share or /var/lib and instruct users to unpack it somewhere (for example /root) and use it from there.
2) Allow root users to run it from /usr/share or /var/lib, but make sure the access rights of the private key file are correct.
My advice: go for option 1. I will think about improvements for the script, to make it easier to package." Hugo Leisink
Comment by Kyle Keen (keenerd) - Wednesday, 18 October 2017, 05:00 GMT
The entire thing is written in PHP? I'm a little surprised, usually Leisink takes security seriously :-)

It is in 10.7 and I've included those systemd units too. Tell me what you think?
Comment by Armand (Kewl) - Wednesday, 18 October 2017, 06:41 GMT
great, will test and revert, many thanks.
Are you talking about the timer systemd units for automated renewal?
Comment by Armand (Kewl) - Friday, 20 October 2017, 20:29 GMT
thanks for the new package, this is fine

Loading...