cookbook 'certbot-exec', '~> 0.1.2', :supermarket
certbot-exec (3) Versions 0.1.2 Follow1
Installs/Configures certbot-exec
cookbook 'certbot-exec', '~> 0.1.2'
knife supermarket install certbot-exec
knife supermarket download certbot-exec
certbot-exec
This library cookbook aims to provide a unified interface for interacting with the certbot
cli utility for generating and renewing Let's Encrypt ssl certificates.
As it is a library cookbook, it does not provide cookbooks to be included in your run-list (in fact, certbot-exec::default
will warn you as such if it doesn't already).
If you are looking to get started quickly, skip to the Getting Started however, you might find the [Design](doc/DESIGN.md) documentation enlightening as this is not a cookbook designed to be consumed directly.
Plugins
certbot_exec
is designed to work with plugins. Refer to [Extending](doc/DESIGN.md#extending) on information on how to write your own plugin.
- CloudFlare: certbot-exec-cloudflare - adds
certbot-dns-cloudflare
authenticator.
Getting Started
Include in certbot-exec
in your Metadata
Include in your metadata.rb
metadata.rb
depends 'certbot-exec'
Set required attributes
-
default['certbot-exec']['agree_to_tos']
- you must set thistrue
to denote your acceptance of LetsEncrypt TOS, documented here (PDF link warning). -
default['certbot-exec']['email']
- Email to use with LetsEncrypt.
Use certbot_exec
Resource
certbot_exec
can be called multiple times. This will only result in one execution of certbot
.
Note: The certbot
utility will be executed at the first instance of certbot_exec
in the run list (order matters!)
certbot_exec 'bar.com'
certbot_exec 'foo.example.com' do
extra_args '--help'
case node[:platform]
when 'redhat', 'centos'
packages 'python2-certbot-dns-cloudflare'
when 'ubuntu', 'debian'
packages 'python3-certbot-dns-cloudflare'
end
post_hook 'systemctl restart theinternet'
end
certbot_exec 'baz.example.com' do
post_hook 'systemctl restart httpd'
end
This would result in an apt install certbot python3-certbot-dns-cloudflare
. for the package
resource. (instead of two invocations of apt
)
also a certbot
cli:
certbot ... -d bar.com,foo.example.com,baz.example.com ... --post-hook 'systemctl restart theinternet' --post-hook 'systemctl restart httpd' ... --help
Resources
This cookbook provides three custom resources that are then wrapped in the certbot_exec
resource.
certbot_exec
Properties
-
domains
-[String,Array]
- list of domains to generate SSL certificate. -
post_hook
-[String,Array]
- list of commands forcertbot
to execute after successfully generating a new certificate. -
extra_args
- [String,Array] - list of additional arguments to pass tocertbot
. -
packages
-[String,Array]
- list of packages to install. -
force
-[True,False]
- defaults to false, if set to true will not validate cert and executecertbot
.
Actions
-
:run
- setup certbot repo, install package, execute certbot.
Usage Example
certbot_exec 'foo.com'
certbot_exec 'foo.com', 'bar.com'
certbot_exec 'execute-certbot' do
domains 'foo.com'
post_hook 'service nginx restart'
extra_args '--help'
action :install
end
certbot_exec 'execute-certbot-with-multiple-domains' do
domains %w(foo.com bar.com example.foo.com example2.foo.com)
post_hook ['service nginx restart', 'service redis restart']
extra_args ['--someflag true', '--help']
case node['platform']
when 'redhat', 'centos'
packages 'python2-certbot-dns-cloudflare'
when 'ubuntu', 'debian'
packages 'python3-certbot-dns-cloudflare'
end
action :install
end
certbot_repo
This resource adds the certbot
ppa on Ubuntu or includes yum-epel
on CentOS/RHEL. It takes no parameters. The default action is :create
.
Actions
-
:create
- create certbot repo
Usage Example
certbot_repo 'certbot-repo'
certbot_repo 'certbot-repo-with-action' do
action :create
end
certbot_pkg
This resource installs packages. It takes a list of packages to install. The default and only action is :install
. The intent was to provide an interface to install additional packages, but it doesn't quite seem to work as expected...
Properties
-
packages
-[String,Array]
- list of packages to install.
Actions
-
:install
- install packages.
Usage Example
certbot_pkg 'certbot'
certbot_pkg ['certbot', 'openssl']
certbot_pkg 'certbot-packages' do
packages ['certbot', 'openssl']
action :install
end
certbot_cmd
This resurce executes the certbot
CLI command. By default it attempts to validate the certificates in /etc/letsencrypt/live
and executes if a valid cert isn't found.
Actions
-
:exec
- Validate cert and execute. -
:force_exec
- Execute regardless if valid cert is found.
Properties
-
domains
-[String,Array]
- list of domains to generate SSL certificate. -
post_hook
-[String,Array]
- list of commands forcertbot
to execute after successfully generating a new certificate. -
extra_args
- [String,Array] - list of additional arguments to pass tocertbot
. -
force
- [True,False]- defaults to false, if set to true will not validate cert and execute
certbot`.
Usage Example
certbot_cmd 'foo.com'
certbot_cmd 'foo.com', 'bar.com'
certbot_cmd 'execute-certbot' do
domains 'foo.com'
post_hook 'service nginx restart'
extra_args '--help'
action :force_exec
end
certbot_cmd 'execute-certbot-with-multiple-domains' do
domains %w(foo.com bar.com example.foo.com example2.foo.com)
post_hook ['service nginx restart', 'service redis restart']
extra_args ['--someflag true', '--help']
action :exec
end
Dependent cookbooks
ohai >= 0.0.0 |
yum-epel >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
certbot-exec CHANGELOG
This file is used to list changes made in each version of the certbot-exec cookbook.
0.1.2
- Fix ohai plugin so that it works.
0.1.1
- Add
package_list
function to enable "hooking" into to add packages to be installed.
0.1.0
Initial release.
Collaborator Number Metric
0.1.2 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.1.2 passed this metric
No Binaries Metric
0.1.2 passed this metric
Publish Metric
0.1.2 passed this metric
Supported Platforms Metric
0.1.2 passed this metric
Testing File Metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.2 passed this metric
0.1.2 failed this metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.1.2 passed this metric
No Binaries Metric
0.1.2 passed this metric
Publish Metric
0.1.2 passed this metric
Supported Platforms Metric
0.1.2 passed this metric
Testing File Metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.2 passed this metric
0.1.2 passed this metric
0.1.2 passed this metric
Publish Metric
0.1.2 passed this metric
Supported Platforms Metric
0.1.2 passed this metric
Testing File Metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.2 passed this metric
0.1.2 passed this metric
0.1.2 passed this metric
Testing File Metric
0.1.2 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.1.2 passed this metric
0.1.2 failed this metric
0.1.2 passed this metric